Nginx: remove the Server header

In this tutorial, I will explain to you how to delete the header server on Nginx but not only… As you can see in the screenshot below, in the response, we can see the server: Microsoft-IIS/8.5 and the version of PHP and ASP with the X-Powered-By headers. To remove the server header, we will use …

Read more



ARR: Block PowerShell access to Exchange

In this tutorial, I will show you how to block PowerShell remote access to Exchange with ARR. As a security measure, if you use IIS ARR to publish Exchange servers to the Internet, you must block PowerShell remote access. By default, it is possible to remotely administer an Exchange server with PowerShell, we find all …

Read more



ARR – HTTP to HTTPS redirection

In this tutorial, I will explain to you how to set up a redirection of a site from HTTP to HTTPS with ARR. If you don’t yet know IIS ARR, I’ll let you discover it in this tutorial: IIS ARR: Installation and configuration. This type of redirection is often implemented when using ARR with an …

Read more



Nginx – GeoIP: configuration

In this new tutorial dedicated to Nginx, I will explain to you how to configure GeoIP in order to be able to set filters (restrictions) based on the country of your visitors. GeoIP will allow us to determine the country (see city) of a visitor based on their IP address, for this we will rely …

Read more



IIS ARR – configuration to use self-signed certificates on target server

In this new tutorial dedicated to IIS ARR, I will explain how to configure ARR in order to be able to use a self-signed certificate on the target server. In the previous tutorial, I explained how to do an SSL dump, in this configuration the target server is in HTTP, which means that the request …

Read more



IIS – Add the X-Forwarded-For field in the logs

In this tutorial, I will explain how to add the X-Forwarded-For field in the IIS logs, in order to retrieve the real IP address of a visitor when a reverse proxy is upstream of the IIS server. On the IIS Web server, open the Internet Services Management console. Select server 1 and click Logging 2. …

Read more



Nginx Reverse proxy: cache configuration

After seeing how to use Nginx as a reverse proxy, I will explain in this tutorial how to configure the caching of static elements (image, css files, js ….). The use of the cache will reduce the number of HTTP requests to the Web server and therefore reduce this workload. The first step will be …

Read more



Nginx: configuration as reverse proxy

In this tutorial dedicated to Nginx, I will explain how to configure it in order to have a reverse proxy. Before getting to the heart of the matter, I will quickly introduce you to Nginx and what a reverse proxy. For this tutorial, I used an Ubuntu 20.04 machine. Introducing Nginx Nginx is a web …

Read more



AD FS: installation and configuration of an SSO and directory federation portal

Form login

Introduction In this article, I propose to discover the AD FS and Proxy (WAP) roles. As part of the preparation for the 70-742 certification, I embarked on the mock-up of an infra. What’s this ? ADFS and the proxy that accompanies it can put several things in place: Prerequisites For the realization of this tutorial …

Read more