Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
vendors:microsoft:iis [2025/02/17 13:42] – [Powershell script to install IIS] gerardorourkevendors:microsoft:iis [2025/09/29 10:04] (current) – [Example 2] gerardorourke
Line 20: Line 20:
  
   * Download PHP - http://windows.php.net/download/ (non thread safe version for IIS - CGI)   * Download PHP - http://windows.php.net/download/ (non thread safe version for IIS - CGI)
-  * Download Wincache for PHP - https://www.iis.net/downloads/microsoft/wincache-extension OR enable CGI  -  +  * Enabled CGI - Configure IIS \ Application Development Features \ CGI -  
-    * How to Enabled CGI - Configure IIS \ Application Development Features \ CGI - for more info check [[https://stackify.com/how-to-host-php-on-windows-with-iis/|here]]+      * Configure Fast CGI on IIS (See [[#configuration_of_iis]] for steps). 
 +      * for more info check [[https://stackify.com/how-to-host-php-on-windows-with-iis/|here]] 
 +  * Download and install latest Microsoft Visual C++ Redistributable (needed for PHP)
   * Download Dokuwiki - https://www.dokuwiki.org/dokuwiki#   * Download Dokuwiki - https://www.dokuwiki.org/dokuwiki#
  
Line 78: Line 80:
  
 ===== CORS ===== ===== CORS =====
 +====Example 1====
 +<code xml>
 +<?xml version="1.0" encoding="UTF-8"?>
 +<configuration>
 +    <system.webServer>
 +        <httpProtocol>
 +            <customHeaders>
 +                <add name="Access-Control-Allow-Origin" value="https://*.mydomain.com" />
 +                <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS, PUT, DELETE" />
 +                <add name="Access-Control-Allow-Headers" value="Content-Type, Authorization" />
 +                <add name="Access-Control-Allow-Credentials" value="true" />
 +            </customHeaders>
 +        </httpProtocol>
 +        <staticContent>
 +            <clientCache cacheControlMaxAge="00:30:00" cacheControlMode="UseMaxAge" />
 +        </staticContent>
 +    </system.webServer>
 +</configuration>
 +</code>
 +
 +
 +====Example 2====
 <code xml> <code xml>
 <?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
Line 87: Line 111:
                     <match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".*" />                     <match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".*" />
                     <conditions>                     <conditions>
-                        <add input="{HTTP_ORIGIN}" pattern="^(https://([a-z0-9-]+\\.)?mydomain\\.com|https://example\\.com)$" />+                        <add input="{HTTP_ORIGIN}" pattern="^(https://([a-z0-9-]+\.)?mydomain\.com|https://example\.com)$" />
                     </conditions>                     </conditions>
                     <action type="Rewrite" value="{HTTP_ORIGIN}" />                     <action type="Rewrite" value="{HTTP_ORIGIN}" />
Line 108: Line 132:
  
  
 +===== Disabled IIS Server Header =====
 +<code>
 +%systemroot%\system32\inetsrv\appcmd.exe set config -section:system.webServer/security/requestFiltering /removeServerHeader:true /commit:apphost  
 +</code>
 +
 +To validate the changes, execute the below curl command, and you should not see server details as part of the header.
 +
 +curl -I https://your-domain.com 
  • vendors/microsoft/iis.1739799771.txt.gz
  • Last modified: 2025/02/17 13:42
  • by gerardorourke