Ruslan's Blog

Today IIS team has released the Dynamic IP Restrictions Extension for IIS 7.0 - Beta. The Dynamic IP Restrictions Extension provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through Brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level.

I am pleased to let everyone know that PHP development community has made significant improvements to the installer in upcoming PHP releases. In particular a number of bugs have been fixed to make the installer work well with FastCGI extension in IIS 5.1 and IIS 6.0 and with FastCGI module in IIS 7.0. Now the installer will do for you many of the configuration steps that previously you had to complete manually by following the instructions in the article Using FastCGI to Host PHP Applications on IIS 7.0.

Recently I was told about Smashing Magazine, which turned out to be a pretty useful site. It is targeted for web developers and web designers and it contains tons of information, tools and freebies for web developers. One of the article on that site was about 10 Steps To Protect The Admin Area in WordPress. In that article step #7 described how to use web server’s built-in authentication to provide an extra protection layer for wp-admin directory, where all WordPress admin scripts are located. The article described how to do that in Apache by using .htaccess file. In this post I will explain how to protect WordPress wp-admin directory on IIS 7.0 by using IIS built-in Forms Authentication.

At some point I wanted to integrate a Silverlight based player into my blog, so I was looking for a WordPress plugin that would do that. However, I could not find any that was easy enough to use. So I decided to write one myself for self-educational purposes. This post describes and demonstrates the plugin that I wrote and explains how to use it to add Silverlight-based media players to blog posts and pages of a WordPress powered blog.

The performance of WordPress may be sufficient for an average blog that gets a few page hits per minute. However, if your blog post suddenly shows up on digg.com or any other social networking site, it may become challenging for server to handle such huge spike in traffic. A few options exist to help server to cope with flood of requests:

Recently, I found out that my WordPress powered blog did not correctly handle 404 - File Not Found errors. When a request was made to a non-existent page, then instead of getting nice WordPress based error page, visitors used to get a generic IIS 7.0 404 error page. Somehow, I have missed that part of the configuration when I set up WordPress initially. The fix for that turned out to be very simple, but since it seems to be a very common configuration task when hosting WordPress on IIS 7.0, I decided to explain the necessary configuration steps.

Today IIS team has made the URL Rewrite Module for IIS 7.0 Release To Web (RTW) available for download. This is a final, production-ready release that is officially supported by Microsoft.

Since the time we have published the article about installing FastCGI and PHP on IIS 7.0 it has become one of the most popular articles on http://learn.iis.net. Also it has received a lot of comments from site visitors. Today, we are publishing the updated version of this article that contains more up-to-date information and addresses most of the feedback from community. Here is what this article includes now: