Knowledgebase : Server Settings

Windows 2008 server R2 x64, Plesk 9.x,  SQL Server 2008 and R2, Framework 2.xx

When you try to access ASP.NET Application the system shows you an error.

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

SOLUTION:

  • Click START
  • Click ACCESSORIES
  • Right-click COMMAND PROMPT, then click RUN AS ADMINISTRATOR
  • Enter this command: cacls C:\Windows\assembly\GAC_MSIL /E /R psacln /T /C (a list of process will display)
  • Then enter this command: cacls C:\Windows\assembly\GAC_MSIL /E /R psaadm /T /C (a list of process will display)
  • Type Exit and hit enter to close the command prompt.

Restart the Server.

This guide is intended for server administrators who are going to manage Parallels Panel 11 and Customer and Business Manager. This document also includes instructions about offering Web Presence Builder in the Try and Buy (or trial) mode.
This guide is intended for server administrators who are going to use Customer and Business Manager to automate ordering, billing, and provisioning of their hosting services.
Make the most from your dedicated server with this guide.
This guide is intended for server administrators who are going to manage Parallels Plesk Panel 10.
The guide provides step-by-step instructions to perform server management tasks that require use of Panel for Microsoft Windows functionality other than the GUI and GUI-only tasks that administrators may need to perform only in rare specific situations.
The guide provides information about Panel abilities beyond that available in the standard GUI. System administrators can use this guide to access fine-grained Panel configuration and improve the system performance, security, and other options. Among the other topics, the document also explains how to:

  • Customize Web Presence Builder topics
  • Integrate additional services into Plesk service plans

If you ever feel that someone may be trying to break into your server or know an IP address that you want to block from accessing your server there is a built in firewall on all of our 2008 DDS servers. You can use this firewall to block either a range of IP addresses or a single address. 

1. Log into your server via RDP.

2. Click on start > administrative tools > windows firewall with advanced security. 

3. On the left side of the firewall window click on the inbound rules option.

4. On the right side of the screen click on New Rule.

5. Click on the custom radio button and then click next.

6. Make sure the All programs radio is selected then click next.

7. On the protocol and ports options leave everything at its defaults and click next.

8. On the scope screen you will see two boxes the top one is for local IP addresses and the bottom is for remote IP addresses. In this scenario we are trying to block an outside (remote) IP from accessing anything on the server so we will need to add the IP address to this section only as it will not be a local IP address. 

9. Click on the radio that says "these IP addresses " in the remote section

10. Click on the Add button.

11. In the next window we will be adding a single IP address to the rule, you can also add an entire range at this point if you wish.

12. Click ok, click next.

13. Make sure you select the Block the connection radio on the next screen and then click next. 

14. Leave all of the options on the next screen checked this will be sure to block the IP no matter the connection they are trying to use. Click next.

15. Name the rule on the next screen something you can remember in case you wish to remove or edit it in the future. Click finish. 

If you ever feel that someone may be trying to break into your server or know an IP address that you want to block from accessing your server there is a built in firewall on all of our 2008 DDS servers. You can use this firewall to block either a range of IP addresses or a single address.

  1. Log into your server via RDP.
  2. Click on start > administrative tools > windows firewall with advanced security.
  3. On the left side of the firewall window click on the inbound rules option.
  4. On the right side of the screen click on New Rule.
  5. Click on the custom radio button and then click next.
  6. Make sure the All programs radio is selected then click next.
  7. On the protocol and ports options leave everything at its defaults and click next.
  8. On the scope screen you will see two boxes the top one is for local IP addresses and the bottom is for remote IP addresses. In this scenario we are trying to block an outside (remote) IP from accessing anything on the server so we will need to add the IP address to this section only as it will not be a local IP address.
  9. Click on the radio that says "these IP addresses".
  10. Click on the Add button.
  11. In the next window we will be adding a single IP address to the rule, you can also add an entire range at this point if you wish.
  12. Click ok, click next.
  13. Make sure you select the Block the connection radio on the next screen and then click next.
  14. Leave all of the options on the next screen checked this will be sure to block the IP no matter the connection they are trying to use. Click next.
  15. Name the rule on the next screen something you can remember in case you wish to remove or edit it in the future. Click finish and thats it.

You can use these procedures to change the password for the Administrator account on the computer running Windows Server® 2008, Windows Server 2012.

Membership in Administrators, or equivalent, is the minimum required to perform this procedure.

  1. Log on to the computer using the Administrator account.

  2. Click Start, click Control Panel, and then double-click User Accounts.

  3. In User Accounts, in Make changes to your user account, click Change your password.

  4. In Change your password, in Current Password, type your password.

  5. In New password, type a new password.

  6. In Confirm new password, retype the password.

  7. In Type a password hint, type a word or phrase that will remind you of your password or, optionally, leave this field blank.

  8. Click Change password.

 

To change the Administrator password in Windows Server 2012

  1. Log into your server via Remote Desktop.
  2. Press your Windows key and type Administrative Tools.
  3. Double click on Computer Management.
  4. Expand Local Users and Groups.
  5. Click on Users
  6. Right click on Administrator. Click on Set Password > Proceed.
  7. Type your new password in both fields then press OK.

Remote Desktop Connection is a program included with most Microsoft operating systems that allows you to make a connection to your server. This connection allows you to access your server directly from a remote location, as if you were sitting in front of the machine.  There are also a few programs for the Mac operating system as well.  Connecting to a Remote Desktop session is only available for Dedicated and Cloud solutions.  This option is NOT for shared accounts.

Windows:

  1. Click StartProgramsAccessoriesCommunicationsRemote Desktop 
  2. In the Computer field, type the IP address or hostname of the server for which you are 
  3. Click Connect. After a few moments the Log On to Windows dialog box will appear. 
  4. Enter your Remote Desktop user name and password and click OK. The Remote Desktop window will open and you will see the desktop of your server.

Note: To change your connection settings, (such as screen size, automatic logon information, and performance options), click Options before you connect.

When you are finished working on your server you will need to end the connection. 

 

MAC:

To connect to your server from a Mac OS, please see the following link which will guide you through the steps of connecting with CoRD.


CoRD is a program for Mac OS X that allows a user to connect to a Windows server via Remote Desktop.  it tends to be more reliable and is supported on the latest builds of Mac OS X whereas Microsoft Remote Desktop Client is not.  If you are connecting from a Windows machine, please see Connecting to Remote Desktop for Windows.

To connect to a Windows server with CoRD, follow the instructions below.

  1. Download CoRD from the CoRD website.
  2. Once installed, open the program. 
  3. Click the Servers icon and then click the + icon to add a server to the list. 
  4. Fill out the Address (domain or IP address of the server), username, and password.  Configure the other options accordingly.   Once done, close the dialog window.
  5. The server now appears in the server list.  Double-click the server name to log in. 

It is easy to setup and host a new website on your dedicated server through Plesk. You may be limited to the number of domains you can host, depending on the Plesk licence you have chosen.

 

Step 1
Log in to the Plesk control panel on your server.

Step 2
Click on Domains in the menu on the left.

 
 

Step 3
Click on the Create Domain icon.

 
 

Step 4
Enter the domain name you're adding in the Domain name text box, and make sure the WWW box is selected.

Select one of the IP addresses assigned to your server from the Assign IP address drop down menu.

Select Default Domain from the Use domain template settings drop down menu.

 
 

Step 5
Ensure the Mail and DNS boxes are selected, then choose the Web Site Hosting option from the Hosting type group.

 
 
Step 6
Choose a username to use to connect to the FTP for this domain and enter it in the Login text box. You also need to enter a password in the Password text box, and retype it in the Confirm password text box.
 
 
Click the Finish button when you are done. You will receive an on-screen message to let you know the domain has been added successfully.

The following article explains how to install ASP.NET on a Windows server. ASP.NET is a scripting language that is designed to run in a Windows Environment. 

To install ASP.NET on a server running Windows .NET using the Configure Your Server wizard

  1. From the Start menu, click Manage Your Server; in the Manage Your Server window, click Add or remove a role.
  2. In the Configure Your Server wizard, click Next, and in the Server Role dialog box, check Application Server (IIS, ASP.NET) and then click Next.
  3. In the Application Server Options dialog box, select the Enable ASP.NET check box, click Next, and then click Next again.
  4. If necessary, insert your Windows .NET Server 2003 installation CD in the CD-ROM drive and then click Next.
  5. When the installation is complete, click Finish.

To install ASP.NET on a server running Windows .NET using the Add or Remove Programs dialog box

  1. From the Start menu, point to Control Panel, and then click Add or Remove Programs.
  2. In the Add or Remove Programs dialog box, click Add/Remove Windows Components.
  3. In the Components box in the Windows Components wizard, select the Application Server check box, and then click Next.
  4. When the Windows Components wizard has finished configuring Windows .NET Server 2003, click Finish.

To enable ASP.NET in IIS Manager on a server running Windows .NET

  1. From the Start menu, click Run.
  2. In the Open box in the Run dialog box, type inetmgr, and then click OK.
  3. In IIS Manager, expand the local computer and then click Web Service Extensions.
  4. In the right pane, right-click ASP.NET and then click Allow. The status of ASP.NET changes to Allowed.


The following article provides System Administrators with instructions to help them implement an FTP solution to allow for successful file exchange with their servers from remote locations.

Benefits of FileZilla:

  • secure file transfer via SSL/TLS (can be required) or even Kerberos
  • takes up little hard drive space (max is ~10.3 MB)
  • comes without the IIS security concerns you would have if you deployed FTP services via Windows (IIS required)

To install FileZilla server, please follow these steps:

  1. Log into your server through Terminal Services or Remote Desktop Connection.
  2. Open a Web browser and load http://sourceforge.net/project/showfiles.php?group_id=21558
  3. Scroll to the bottom and download the latest install file under FileZilla Server, FileZilla_Server-0_9_23.exe.
  4. Once the download completes, run the .exe file.
  5. Read the License Agreement and choose "I Agree" to proceed.
  6. Select the components you wish to install and click Next
  7. Select the Destination Folder and click Next. We recommend using the default settings. 
  8. Select how the services should be started and click Next. We recommend using the default settings. 
  9. Select how the server interface should be started and click Install. We recommend using the default 
  10. Click Close to finish the installation.
  11. Click OK to connect to the FileZilla server

 


Spam is unsolicited email, usually of a commercial nature, which is mass distributed to newsgroups, multiple mailing lists and individuals.1 If you are tired of dealing with unsolicited junk mail clogging your email accounts, follow the steps in this guide to learn how to stop spam email.

Here are some simple things that you can do:

  1. Don't Open Spam: Don't open messages, don't click on any of their links, and don't buy anything from a spam-advertised site. People get tricked every day into opening spam messages, clicking on their links and buying what they're selling.
  2. Don't Respond to Spam: Responding to a spam email in any way just proves to the spammer that yours is a working email address and that you actively check your emails. Many spammers are actually just looking for email addresses that work. Don't click on any link that says "Unsubscribe" or "Click Here if you Don't Want to Receive Any More Emails". These are just ways for spammers to confirm that you have read the email.
  3. Delete and Mark Spam: It is always a good idea to delete spam emails as soon as you get them. But before you delete them, make sure you mark them as Spam in your email client. Most email clients will allow you to mark certain emails as Spam. This helps the email client identify similar emails in the future and prevent them from finding their way into your inbox.5
This document contains introduction to Customer & Business Manager and instructions on how to configure it to provide customers with web hosting services managed by Parallels Plesk Panel. In brief, the document explains how to create a hosting plan in Business Manager, import it to the Panel, and automate the process of subscribing to this plan. Also contains useful info about online store: (a) How to modify an online store appearance (header and footer) to match branding, (b) How to build an online store into a website.

To connect your dedicated server, follow these steps:

1.

 On your home/work computer, click Start, point to All Programs, and then point to Accessories.

2.

 In the Accessories menu, point to Communications, and then click Remote Desktop Connection.

3.

 In the Computer box, type the IP address of your dedicated server.

4.

 Click Connect.

5.

 When the Log On to Windows dialog box appears, type your user name, password, and then click OK.

Server Manager is a new tool available with Windows Server® 2008 that guides information technology administrators through the process of installing, configuring, and managing server roles and features that are part of Windows Server 2008.


By default Windows 2008 starts with a number of services that actually do not need to be running. Many of these services can impact performance and can also compromise security on your server. This article identifies some of these services and lets you know which ones are safe to disable.

Services That Can Be Disabled

The services in question here will be the ones that Windows 2008 sets up as an automatic service, which means as soon as your server is powered on, they start. Our goal is to stop as many services as possible without disabling any needed services for the server.

To get started, log onto your Windows 2008 server. Once you are logged in, there are two ways to get to the services. The first is to navigate to Start > Administrative Tools > Services, while the other is to simply go to your run command prompt, type "services.msc" and then press enter. Now that you are at the services, you can begin.

    • DHCP Client - Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start. Since we don't run DHCP on our servers, this can be disabled.
    • DNS Client - The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. Since Hosting.com provides you with DNS servers there is no need to have this enabled. However if you plan on running your own DNS server this will need to active.
    • Distributed Link Tracking Client - Maintains links between NTFS files within a computer or across computers in a network. Unless you are running an Active Directory Domain, this service is not needed.
    • Human Interface Device Access - Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices.  This can safely be disabled for a Virtual Server, however Dedicated Server users may want to keep this enabled.
    • IP Helper - Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. Since Hosting.com is currently not using or offering IPv6, this service can be stopped.
    • Network Location Awareness - Collects and stores configuration information for the network and notifies programs when this information is modified. If you use the Windows 2008 Advanced Firewall, you will may not want to disable this service as it provides the firewall with specific settings. However if you are not using Windows Advanced Firewall or have a hardware firewall then you can safely disable this.
    • Print Spooler - Loads files to memory for later printing. Unless you are setting up remote printing, this service can be disabled.
    • Windows Error Reporting Service - Allows errors to be reported when programs stop working or responding and allows existing solutions to be delivered. Also allows logs to be generated for diagnostic and repair services. Service is not needed and can safely be stopped.
    • Windows Firewall - Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network. It is important that any server that is exposed to the internet to also have a firewall running. However if you are using a hardware firewall, this can be disabled.

 

  • Windows  Audio - Manages audio for Windows-based programs.  If this service is stopped, audio devices and effects will not function properly. Since your server is not local, there is little need to have audio services running on it. If you are rnning a media services such as Windows Media Server or Shoutcast, this will have no impact since the audio from the media server is sent to the client. This can safely be disabled.

If you have a question regarding the services cited here or any other service that is running on your Windows Server 2008, please contact the DNN4Less Support.

When you visit a website on the Internet, the computer you use will find the address of the site using a system called DNS. If you are using your home computer to browse the internet, it will request each website address from your Internet Service Provider (ISP).

Dedicated and Virtual Servers are set up to search for this DNS information themselves. This is perfectly normal and is a commonly used feature for office or cloud networks.

There are two types of DNS queries that can be made to your server, which are as follows:

  • Recursive requests: With these requests your server will attempt to find the website in question in its local cache. If it cannot find an answer it will query other DNS servers on your behalf until it finds the address. It will then respond to the original request with the results from each server's query.
  • Iterative requests: With these requests the DNS server will attempt to find the website in question in its local cache. If it cannot find an answer it will not ask other DNS servers but will reply back to the original request with a single “I don’t know, but you could try asking this server” message.

Why are recursive DNS requests not recommended?

Servers that support this type of request are vulnerable to fake requests from a spoofed IP address (the victim of the attack), the spoofed IP address can get overwhelmed by the number of DNS results it receives and be unable to serve regular internet traffic. This is called an Amplifier attack because this method takes advantage of DNS servers to reflect the attack onto a target while also amplifying the volume of packets sent to the victim.

A consequence of this activity is that third party Network administrators who detect these requests may block your IP addresses.  Your server could even be placed upon DNS blacklists.

What happens if I turn off Recursive DNS lookups on my server?

If your server does not enable recursive DNS lookups, it will simply treat any such requests as an iterative DNS inquiry. It will remain as a DNS server, but will no longer be useful to attackers in part of an amplified attack on a victim.

How do I turn off Recursive DNS lookups?

Within the Plesk control panel:

Step 1: Log into your Plesk Control panel and click on Settings in the left hand menu.

Step 2: Click the button marked DNS Recursion Settings.

Step 3: Select Allow for Local requests only and click Set.

This will stop third parties from receiving recursive DNS requests from your server.

For Windows not using the Plesk control panel:

Open the command line and enter the following command:
dnscmd <Server name> /Config /NoRecursion 1

Replacing <Server name> with the name of your server.