Prevent SQL injection by using IIS URL Rewrite

Nowadays, a bad or unoptimizes SQL query could easily compromised or get attacked. However you may try to reduce or prevent (Don’t say avoid, it is not possible, keke) the SQL injection through your expression rules.

If you are using IIS as your web engine, you may use some expression to reduce the SQL injection.

[dD][\%]*[eE][\%]*[cC][\%]*[lL][\%]*[aA][\%]*[rR][\%]*[eE][\s\S]*[@][a-zA-Z0-9_]+[\s\S]*[nN]*[\%]*[vV][\%]*[aA][\%]*[rR][\%]*[cC][\%]*[hH][\%]*[aA][\%]*[rR][\s\S]*[eE][\%]*[xX][\%]*[eE][\%]*[cC][\s\S]*

Continue reading Prevent SQL injection by using IIS URL Rewrite

Enabling Permalink from WordPress with IIS7.x

This article is applicable for WordPress user who used IIS7.x as their web services and not able to work correctly with the permalink.

1. Log into your WordPress. Select on Setting and click on Permalink Settings.

2. Select any of the Common Setting or Custom Structure.
3. Click Update Permalink Structure button.
4. Now, you will see your blog get 404 error when click on any post or pages. No worry, refer to the following step to get this fix.
5. Log into your DotNetPanel file manager or FTP, modify the web.config file from your root folder (probably wwwroot folder) and add the following code to the web.config file.

Continue reading Enabling Permalink from WordPress with IIS7.x