How to Install React JS in Windows

Reading Time: 4 minutes

React.js (React) is an open-source JavaScript library useful in building user interfaces. React is a library so our main focus for this article is installing a JavaScript environment and a Package Manager so that we can download and install libraries including React.

When we are done, you will have a React environment you can use to start development on your Liquid Web server.

 

Install Node.js

The first step is to download the Node.js installer for Windows. Let’s use the latest Long Term Support (LTS) version for Windows and choose the 64-bit version, using the Windows Installer icon.

Once downloaded, we run the Node.js installer (.msi fuke) and follow the steps to complete the installation.

Now that we have Node.js installed, we can move on to the next step.

 

The Command Prompt Environment

We’ll need to use the command prompt (command line) to interact with Node.js and the Node Package Manager (NPM) to install React. Let’s take a few minutes to cover the commands we’ll need to use to get around. Here are the basic commands we will need to get around and create folders/directories:

 

Open a Command Prompt in Windows

Click the Start Menu (1), start typing the word command (2), then choose either Command Prompt or the Node.js command prompt (3) — either choice will work.

A command prompt window will open with the path showing as C:\Users\<username> where the <username> on your system will be the user you are logged in as.

To execute a command, we type the command and any required options, then press Enter to execute it and see the results. Let’s walk through each of the commands listed above to see what happens:

dir

Let’s look at the contents of the downloads folder with this command:

dir downloads

The path shows we are still in the directory C:\Users\ReactUser>, however, we are looking at the contents of C:\Users\ReactUser\downloads and we see that it has one file. Let’s move to the downloads directory with this command:

cd downloads

We’ve changed to the downloads folder as the command prompt shows C:\Users\ReactUser\Downloads>. You can use the dir command to see the contents of this directory/folder. Next, let’s go back to the previous directory with this command:

cd..

Now we are back to where we started. Let’s create a new directory for our first project and name it reactproject1. We’ll use the command:

mkdir reactproject1

Again, we use the dir command to list the files within our current folder.

dir

If you want to learn more about commands, please check out these links:

 

Install React on Windows

There are two ways to install React for your projects. Let’s look at each approach so that you can decide which one you prefer to use.

 Option 1 

  • Create a project folder
  • Change to the project folder
  • Create a package.json file
  • Install React and other modules you choose

This install option allows you to full control over everything that is installed and defined as dependencies.

Step 1: To get started, we need to open a command prompt.

Step 2: Create a project folder named reactproject1:

mkdir reactproject1

Press Enter to execute the command, and we get a new directory called reactproject1. If you did this as part of the Command Prompt examples, you could skip this step as it will tell you that it already exists.

Step 3: Move to the project folder, using cd reactproject1, so we can install React into it.

cd reactproject1

At this point, you will see your prompt indicate C:\Users\ReactUser\reactproject1.

Step 4: Create a package.json file, the following command will walk you through creating a package.json file.

npm init

Step 5: Install React and other modules using npm install — save react, thiswill install React into your project and update the package.json file with dependencies.

npm install --save react

We can install additional packages using npm install — save and the name of the package we want to install. Here we are installing react-dom: npm install — save react-dom

npm install --save react-dom

 

 Option 2 

  • Install Create-React-App package to simplify the process of creating and installing React into your projects

 

 

Step 1: To get started, we need to open a command prompt and type npm install -g create-react-app. This installs the Create-React-App module which makes it very easy to create and deploy React into projects with a single command.

Note
When using create-react-app ensure you are in the desired directory/folder location as this command will create the project folder in the current path.

npm install -g create-react-appCreate-React-App is installed in the following location: C:\Users\<username>\AppData\Roaming\npm\node_modules\create-react-app\

Once Create-React-App is installed, we can use it to create a project folder and install React and dependencies automatically.

To make sure you are in the desired directory when creating a new project, you can use dir to see where you are, and cd <directory_name> or cd.. to get to the desired location.

Step 2: To create a new project and deploy React into it, we run create-react-app <project_name>. Let’s do this to create reactproject2.

create-react-app reactproject2

The entire process is automated and begins with creating a new React app folder for the project, then installs packages and dependencies. The default packages include react, react-dom, and react-scripts. The installation will take a few minutes.

Run a React Project Application

To run our new project, we need to use the command prompt to change to the project folder, then start it. The cd reactproject2  command will take us to the reactproject2 folder.

cd reactproject2

And npm start will run the project application.

The default browser will open and load the project:

To learn more about React, you may find these links helpful:

You now have your environment set for building out projects!  If you running our lightning fast servers our support team is at your fingertips for any questions you may have.

How to Install Apache on a Windows Server

Reading Time: 4 minutes

When looking to host web sites or services from a Windows server, there are several options to consider. It is worth reviewing the strengths and weaknesses of each to determine which one is most likely to meet your particular needs before you spend the time installing and configuring a web service. Some of the most common web servers available for Windows services are Tomcat, Microsoft IIS (Internet Information Services), and of course the Apache server. Many server owners will choose to use a control panel which manages most of the common tasks usually needed to administer a web server such as e-mail and firewall configuration. At Liquid Web that option means you’re using one of our Fully Managed Windows Servers with Plesk. Alternately, some administrators who need more flexibility choose one of our Core or Self-Managed Windows Servers. This article is intended for the latter type of server with no Plesk (or other) server management control panel.

Pre-flight

This guide was written for 64-bit Windows since a modern server is more likely to use it. There are a few potential issues with Apache on Win32 systems (non 64-bit) which you should be aware of and can find here.

Downloading Apache:

While there are several mirrors to choose from for downloading the pre-compiled Apache binaries for windows, we’ll be using ApacheHaus for our purposes.

Download Here:

Apache 2.4.38 with SSL

(This is the 64-bit version with OpenSSL version 1.1.1a included.)

If you would like to use a different version they are listed here:

Available Versions Page

 

Install Apache on Windows

We will assume that you have installed all the latest available updates for your version of Windows. If not, it is important to do so now to avoid unexpected issues.

These instructions are adapted from those provided by ApacheHaus where we obtained the binary package. You may find the entire document in the extracted Apache folder under the file “readme_first.html”.

 

Visual C++ Installation

Before installing Apache, we first need to install the below package. Once it has been installed, it is often a good idea to restart the system to ensure any remaining changes requiring a restart are completed.

  1. Download the Visual C++ 2008 Redistributable Package and install it. It is located here.
    Note:
    Download the x64 version for 64 bit systems.
  2. Restart (optional but recommended).

 

Apache Installation

  1. Extract the compressed Apache download. While you can extract it to any directory it is a best practice to extract it to the root directory of the drive it is located on (our example folder is located in C:\Apache24). This is the location we will be using for these instructions. Please note that once installed you can see Apache’s base path by opening the configuration file and checking the “ServerRoot” directive).
  2. Open an “Administrator” command prompt. (Click the Windows “Start” icon, then type “cmd”. Right-click the “Command Prompt” item which appears, and select “Run As Administrator.”)
  3. Change to the installation directory (For our purposes C:\Apache24\bin).
  4. Run the program httpd.exe.
  5. You will likely notice a dialogue box from the Windows Firewall noting that some features are being blocked. If this appears, place a checkmark in “Private Networks…” as well as “Public Networks…”, and then click “Allow access.”
  6. As noted in the ApacheHaus instructions:

“You can now test your installation by opening up your Web Browser and typing in the address: http://localhost

If everything is working properly, you should see the Apache Haus’ test page.“

To shut down the new Apache server instance, you can go back to the Command Prompt and press “Control-C”.

  1. Now that you have confirmed the Apache server is working and shut it down, you are ready to install Apache as a system service.
  2. In your Command Prompt window, enter (or paste) the following command:

httpd.exe -k install -n "Apache HTTP Server"

Output:

Installing the 'Apache HTTP Server' service
The 'Apache HTTP Server' service is successfully installed.
Testing httpd.conf....
Errors reported here must be corrected before the service can be started.
(this line should be blank)

  1. From your Command Prompt window enter in the following command and press ‘Enter.’services.msc

Look for the service “Apache HTTP Server.” Looking towards the left of that line you should see “Automatic.” If you do not, double-click the line and change the Startup Type to “Automatic.”

  1. Restart your server and open a web browser once you are logged back in. Go to this page in the browser’s URL bar: http://localhost/

Configure Windows’ Firewall

To allow connections from the Internet to your new web server, you will need to configure a Windows Firewall rule to do so. Follow these steps:

  1.  Click the “Windows Start” button, and enter “firewall.” Click the “Windows Firewall With Advanced Security” item.
  2. Click “New Rule” on the right-hand sidebar.
  3. Select “Port,” and click Next. Select the radio button next to “Specific remote ports:” Enter the following into the input box: 80, 443, 8080

  4. Click Next, then select the radio button next to “Allow the connection.”
  5. Click Next, ensure all the boxes on the next page are checked, then click Next again.
  6. For the “name” section enter something descriptive enough that you will be able to recognize the rule’s purpose later such as: “Allow Incoming Apache Traffic.”
  7. Click “finish.”

  8. Try connecting to your server’s IP address from a device other than the one you are using to connect to the server right now. Open a browser and enter the IP address of your server. For example http://192.168.1.21/. You should see the test webpage.
  9. For now, go back to the windows firewall and right-click the new rule you created under the “Inbound Rules” section. Click “Disable Rule.” This will block any incoming connections until you have removed or renamed the default test page as it exposes too much information about the server to the Internet. Once you are ready to start serving your new web pages, re-enable that firewall rules, and they should be reachable from the Internet again.

That’s it! You now have the Apache Web Server installed on your Windows server. From here you’ll likely want to install some Apache modules. Almost certainly you will need to install the PHP module for Apache, as well as MySQL. Doing so is beyond the scope of this tutorial; however, you should be able to find a variety of instructions by searching “How to Install PHP (or other) Apache module on Windows server,” or similar at your favorite search engine.

 

5 Android/iPhone Apps for IT Admins

Reading Time: 3 minutes

As administrators for our servers, we may find ourselves needing to do certain things while on the go. We may also not have a laptop or PC within reach. But one thing most of us have at all times is a cell phone. Whether we have an Android or an iPhone, most of us do possess a smartphone. One thing great about these smartphones is their constant connection to the Internet. Having that constant connection makes it simple to use various apps that assist with admin tasks through our smartphones. Here is a list of five applications available both on iPhone and Android. If you are interested in checking them out, click on your phone’s type next to the application name. You can also search for these applications by name in your smartphone’s app store. Continue reading “5 Android/iPhone Apps for IT Admins”

How to Secure a Site in IIS

Reading Time: 6 minutes

When investigating site infections or defacing on a Windows Servers, the most common root cause is poor file security or poor configuration choices when it comes to how IIS should access file content.  The easiest way to prevent this is to start with a secure site.

Setting up a website in IIS is exceedingly easy, but several of the default settings are not optimum when it comes to security or ease of management.  Further, some practices that used to be considered necessary or standards are no longer or were never necessary, to begin with. As such, we recommend that you follow these steps to set up a website to ensure that it is set up correctly and securely. And while some of these setting or permission changes may seem nitpicky, they go a long way on systems that host multiple domains or multiple tenants as they prevent any cross-site file access.

 

Add the Site to IIS

To add a website in IIS (Internet Information Services),  open up the IIS manager, right-click on Sites, and select Add Website.When adding a site to IIS, we typically recommend using the domain name as the “Site name” for easy identification.  Next, under “Physical path”, you will need to supply the path to where your website content is located or use the “” to navigate to and select the folder.  Configuration options under “Connect as…” and “Test Settings…” do not need to be modified.

When it comes to configuring site bindings, popular belief suggests that you should select a specific IP from the “IP address” drop dropdown; however, that is based on out of date practices typically in relation to how SSLs used to require dedicated IPs.  This is no longer necessary and can actually cause issues when getting into any eplicated or highly available configuration, so it is best to leave IP addresses set to All Unassigned and type the domain name you plan to host in the “Host name” field. Do note that you can only supply one value here; additional host names can be added after creating the site by right-clicking on the site and going to Bindings.  Further, depending on your needs, you may opt to select “https” instead of “http”. To host a site with an SSL, please visit our article on the subject after setting up the site to add an SSL and configure it.

 

Set the Anonymous User

Technically that is all you need to do to set up a site in IIS; however, the site may or may not work, and the security settings on the site are not optimum. The next step in securing your site is to configure the IIS user that will access your files. To do this, you will need to change the associated Anonymous user and make a few security changes on the website’s content folder.

In IIS, select your new site on the left, in the main window double click on Authentication, select Anonymous Authentication, and then click “Edit…” on the right action bar.

 

What is IUSR in IIS?

By default, a new site in IIS utilizes the IUSR account for accessing files.  This account is a built-in shared account typically used by IIS to access file content. This means that it will use the application pool’s identity (user) to access file content.

It may be okay to leave this configured if you only plan on hosting one domain; however, when it comes to hosting multiple domains, this is not secure as it would then be possible for any site using the same account to access files from another site.  As such, and as a standard practice, we recommend switching away from using the IUSR account for sites, and instead selecting “Application pool identity” and clicking OK. Alternately, you could manually create a user on the system for each site; however, then you need to manage credentials for an additional user, need to configure permissions for two users (the anonymous user and the application pool user) and possible complications with password complexity and rotation requirements your server or organization may have.

There is nothing further you need to configure in IIS in terms of security; however, for reference, let’s take a look at the application pool settings really quick.  To check the settings on the application pool, in IIS, select Application Pools on the left menu, select the application pool for the site you created (typically the same name as the name of the site), and then click “Advanced Settings…” on the right action bar.

In here, the related setting is the identity, which by default is “ApplicationPoolIdentity”.  This means to access file content, IIS and the associated application pool will use a hidden, dynamic user based off the name of the application pool to access files.  This user has no associated password, can only be used by IIS, and only has access to files specifically granted to it. As such, it removes the requirement of managing system users and credentials.

 

Set Folder Permissions in IIS

Now, as mentioned, the “ApplicationPoolIdentity” user has very few permissions, so the next and last step is to ensure that the website files have proper security settings set on them. Browse through your file system and find the folder where you plan on hosting your site’s files. Right-click on the folder and go to properties. In the properties interface, select the Security tab.

By default, there are a number of security permissions set up on the folder that are unnecessary and potentially insecure (there may be more than shown here).  To best secure a site, we recommend removing all but the “SYSTEM” and “Administrators” groups and adding the “ApplicationPoolIdentity” user (and possibly any other user you may require, such as an FTP user); however, to do this, you will need to disable inheritance.  To do this, click on “Advanced”, then click on “Disable inheritance”.

 

Here you will get a popup asking if you want to copy the current settings or start with no settings.  Either option can work; however, it is easier to copy the current settings and then remove the unnecessary permissions.  So select “ConvertConcert inherited permissions into explicit permission on this object” and then click OK.

At this point, to remove the unnecessary permissions, click Edit and remove everything other than the “SYSTEM” and “Administrators” groups.  Next, you need to add the “ApplicationPoolIdentity” user to this folder. To do this, click “Add…”. Now, depending on your server configuration, you may get a pop-up asking for you to authenticate to an active directory domain.  Simply click the cancel button a few times until you get the Select Users of Groups screen shown below.

On this screen, you will want to make sure that the “Location” selected is your computer.  If it is not, click “Locations…” and select your computer (should be at the top; you may also need to click cancel on some authentication windows here as well).

The “ApplicationPoolIdentity” user is a hidden user, so it is not possible to search for this user.  As such, you will have to type the username to add it. The username you will need to type is “IIS AppPool\<applicationpoolname>“.  Please see the following example and fill yours out accordingly:

Once you type the user name, click OK.  Now that you’ve added the user, which is by default only granted read permissions, you will want to verify your security settings look similar to the following image, and then click OK.

And with that, you’re done and have a secure site ready to be viewed by the masses without needing to fear that hackers will deface it.

 

Securing within Powershell

As a bonus, if you’re looking to get your fingers wet with some Powershell, the steps covered in this article can also be accomplished on a Windows Server 2012 or newer server through Powershell.  Simply fill out the first two variables with your domain name and the path to your content, and then run the rest of the PowerShell commands to set up the site in IIS and configure folder permissions.

[String]$Domain = ‘<domain_Name>’

[String]$Root = ‘<path_to_your_content>’

Import-Module WebAdministration

#Create App pool & Website
New-WebAppPool -Name $Domain
New-Website -Name $Domain -HostHeader $Domain -PhysicalPath $Root -ApplicationPool $Domain
Set-WebConfigurationProperty -Filter system.webServer/security/authentication/anonymousAuthentication -Location $Domain -PSPath MACHINE/WEBROOT/APPHOST -Name userName -Value ''

#Optionally add www. Binding
New-WebBinding -Name $Domain -HostHeader www.$Domain -ErrorAction

#Remove inheritance (copy)
$ACL = Get-ACL $Root
$ACL.SetAccessRuleProtection($True,$True) | Out-Null
$ACL.Access | ?{ !(($_.IdentityReference -eq 'NT AUTHORITY\SYSTEM') -or ($_.IdentityReference -eq 'BUILTIN\Administrators')) } | %{ $ACL.RemoveAccessRule( $_ ) } | Out-Null
$ACL | Set-ACL

#Add IIS user permissions
$ACL = Get-ACL $Root
$acl.SetAccessRuleProtection($False, $True)
$Rule = New-Object System.Security.AccessControl.FileSystemAccessRule("IIS AppPool\$Domain", "ReadAndExecute", "ContainerInherit, ObjectInherit", "None", "Allow")
$acl.AddAccessRule($Rule)
$acl | Set-Acl

Additional Notes: In some cases, sites may need additional write or modify permissions on specific files or folders for file uploads, cache files, or other content.  It is important that you do not apply modified permissions to the entire site. Instead, modify specific directories or files as needed. To apply these settings, go to the file or folder that needs modification, right-click on it, and select Properties.  Switch to the Security tab and click Edit. In there, select the user that has the name of the website (liquidweb.com in my example above), select modify under the Allow column, and then click OK. This will give the ApplicationPoolIdentity and IIS the ability to write to or modify the file(s) or folder(s).

Still need additional protection for your Liquid Web server?  Our Server Protection packages provides a suite of security tools especially for Windows servers.  You’ll get routine vulnerability scans, hardened server configurations, anti-Virus and even malware cleanup, should your site get hacked. Don’t wait another vunerable minute, check out how we can protect you.

 

How to Check Server Load on a Windows Server

Reading Time: 6 minutes

What Does Server Load Mean?

Checking a server’s load allows us to evaluate server resources and confirm they are sufficient for any running application. It enables us to troubleshoot slow performance and reliably pinpoint any server resource that may need attention.

While there are many tools and options available, today let’s focus on Windows Task Manager as a way to help us quickly see what is going on, and interact with applications, processes, and services to identify the load. This article will also include an introduction to Resource Monitor as it can be opened from Task Manager to provide more detail.

Ways to start Task Manager

  • Click the Start menu and type task… then choose Task Manager
  • Right-click the Taskbar area and choose Task Manager from the menu
  • Press Ctrl+Alt+End keys on the keyboard when in a Remote Desktop session
  • Run the command taskmgr

Let’s bring up the Task Manager and take a look at what it has to offer.

On systems where it has never been used, you may find Task Manager offering this very uninteresting display. Click More details to discover the treasure trove of information it is hiding.

Task Manager provides quick access to Processes, Performance, Users, Details, and Services. We’ll go through each tab to see what they have to offer and discover what to look for when checking server load.

Processes

The Processes tab shows us everything that is running in the system and the amount of CPU and memory resources it is using. At the top, we can see the total CPU and memory utilization.

By clicking the CPU or Memory column headings, we can sort the processes list by that criteria, and use the sort arrow to determine whether to sort from highest to lowest usage or the opposite. You can click on any individual process and end the task, see resource usage, and more.

Troubleshooting Tip:
If we see a particular application is using a high amount of the CPU or memory, it may be a potential source of performance issues. In the example above, we can see this server is using 78% of memory and only a very small amount of the CPU.

Performance

Performance tab has the most visual display of information and allows us to select from CPU, Memory, and Ethernet views to show activity over a 60 second period. With this view, we can identify spikes or see the trend over time to determine if a condition is temporary or sustained.

 

CPU Performance

CPU performance information shows us the type of CPU and speed, the number of processes, threads, and handles in use, as well as the number of virtual CPUs, in most cases. We can also see how long the system has been up (up time). This last bit of information can tell us how long the server has been running, confirm if it successfully completed a restart, or if it rebooted unexpectedly due to running out of resources.

Troubleshooting Tip:
In this example, we see the CPU is at 94%. If this level or higher is sustained over a long period of time, server performance will be sluggish, and it could affect the stability of the system. Sustained high CPU use is an indicator the system is struggling. We need to look at other systems to determine whether it is due to applications or insufficient physical memory that pushes the system to use virtual memory. Doing this will cause the CPU and disk resources to spike and remain high.

 

Memory Performance

Memory Performance information shows us the total amount of memory in the system as well as what is in use and available. Committed represents virtual memory and the pagefile (an extension of RAM) on disk. Cached represents memory used by Windows, and the Paged pool represents memory used by Windows that can be paged out to the pagefile on disk if memory starts running low. Non-paged cannot be paged to the pagefile.

Troubleshooting Tip:
n this example, we see the CPU is at 94%, Memory is at 90%, and we are using virtual memory. When looking at the Committed Memory, we can see that virtual memory is 2.7 GB while the pagefile is 4.9 GB. In this example, we have not maxed out the pagefile. If we find the system is continuously running with the CPU and Memory at or above 90%, it is a strong indicator to add physical memory to the system to reduce the use of virtual memory.

 

Ethernet Performance

Ethernet performance information shows us the type of network adapter and the amount of resources it is using with a graphed line for both send and receive as well as numeric values for data being sent. We can also see the Adapter name, Connection type, and the IP address(es) assigned. Right-clicking on the graph will allow us to see network details including network utilization, link speed and state, bytes send and received, etc. On the Performance tab, we also have the option to launch Resource Monitor to see even more detail.

 

Users

The Users tab shows us a list of all the users connected to the server and how much CPU and memory resources the user is utilizing. We can click on a specific user to Disconnect them, send them a message, or take over their session if we have Administrator rights. In the context of checking for load, we can determine if a specific user is consuming too many resources or has disconnected from a session, leaving it running in memory, and choose whether to log the user out to free up resources.

Details

The Details tab shows us a list of all the running programs and processes along with their PID (Process ID) number, whether the program is running or suspended, the user name it is running under, the amount of CPU and memory it is using, and a description of the process. You can click any of the column names to sort by that column in highest to lowest or the opposite order. The PID number can be very helpful to track down a specific process that is referenced in event logs. Right-clicking an item allows us to choose options including:

  • ending a process or process tree
  • set a priority for the running process
  • establish affinity to a specific processor or all processors
  • additional options

 

Services

The Services tab shows us a list of service names, their PID (Process ID) numbers, a description of the service, the status as either stopped or running, and the Group the service is running under. Right-clicking on a service allows us to start, stop, restart, and access additional options. We should be careful not to change the status of some services as they depend on others, and stopping the wrong one could have unintended consequences on the system or devices. To learn more about a service, we can right-click it and choose Search Online.

How Do I Check My Resouce Monitor?

Ways to start Resource Monitor

  • Click the Start menu and type resource… then choose Resource Monitor
  • Right-click the Taskbar area and choose Task Manager from the menu, then from Performance tab choose Open Resource Monitor
  • Run the command resmon

Let’s bring up Resource Monitor and take a look at what it has to offer. You’ll find this has more depth but is very similar to the information available from Task Manager. For this reason, we’ll only cover the overview and a brief description of each tab in this article.

Overview provides us with data on CPU, Memory, Disk, and Network options and graphs all on one page with the option to expand or collapse each section. It will also show current usage of a resource as well as the highest active time. Clicking individual sections provides more detail.

CPU shows processes, services, associated handles, and modules, and will show individual CPUs and their load in addition to total CPU.

Memory shows processes in addition to a breakdown of the physical memory and graphs to show commit charge which relates to use of the pagefile and the number of hard faults per second which can be an indicator of how many times Windows has to access the swap file. If your system is showing hundreds of hard faults per second, this indicates a need more physical memory.

Disk shows the processes in addition to a breakdown of how much each task is reading and writing to disk. The graphs show total disk activity in addition to Queue Length. Disk Queue length indicates how many disk I/O operations are queued up waiting for their turn to be processed by the disk. If we find that the highest active time is above 80% and the disk queue length is 2 or higher, it means processes are waiting, and the performance of the disk is affecting the overall performance of the system. In many cases, this number will be high due to a system that lacks sufficient physical memory and is constantly paging information to disk or relying too heavily on virtual memory. It will often be accompanied by a CPU running above 90% for sustained periods.

Network shows the processes with network activity, in addition to TCP connections and listening ports, and graphs to show network transfer and TCP connections. Sustained high network utilization can indicate congestion issues and a need for more capacity.

Still having trouble determining what is bogging down your server?  With Liquid Web’s servers, you can talk to a experienced support tech night or day.  Our techs have the expertise needed to help determine bottlenecks in your system. Switch to Liquid Web today and get the support you’ve been looking for!

Troubleshooting: Locked Out of RDP

Reading Time: 3 minutes

How Do I Get Back Into RDP?

You may be working from a local machine that has an IP that is not scoped on that RDP port, making it impossible for you to gain remote access to add the IP address to the RDP rule’s scope. Do not fret; there is a simple and quick way to add your IP to the RDP scoping (or any others entities such as MySQL or MSSQL) right through your Plesk interface in your local browser. Continue reading “Troubleshooting: Locked Out of RDP”

How to Install VirtualBox on Ubuntu 16.04

Reading Time: 3 minutes

What is a VirtualBox?

This is handy when you need to run software that is only available on one Operating System, for example, if you wanted to run Windows software on your Ubuntu computer or vice versa. The only limitations are RAM and disk space for running each virtual machine. Continue reading “How to Install VirtualBox on Ubuntu 16.04”

Install SSL Certificates in a Windows Server

Reading Time: 4 minutes

About SSL

SSL Certificates secure the web today using Transport Layer Security (TLS). This is a network protocol which encrypts the data between the web server and the visitor. Most websites today are using SSL, and you can see this every time a website starts with https:// instead of http://. This indicates the website is securely encrypting data between you and the server so that no attackers can easily sniff the network packets and capture your logins.

SSL protects the web today and is utilized by almost every corporation and business and acts first step in user security. SSL is a way to protect logins and forms that you enter from being intercepted unknowingly by a 3rd party on your network.  If your website does not incorporate SSL, we suggest implementing it as soon as possible, and you can use our guide to do it!

 

Generating the Certificate Request (CSR)

Before ordering your SSL, you will need to create a certificate request for the certificate authority to issue an SSL.

Step 1: To begin, the first thing you need to do is open IIS. If you do not have a shortcut for it, you can search your computer for inetmgr.exe and open it that way. From here you will click on your server name:

Step 2: Then double-click “Server Certificates“.
Step 3: Once you have done that, you are ready to create your certificate request.

On the right-hand side, select ‘Create Certificate Request

At this point, you will be asked for information about the certificate and the company requesting the certificate.
This info of your the company or org. is needed to fill out a CSR request.

Once you have filled this out, click Next.

It will bring you to the following screen:

Step 4: We suggest using the settings above, making sure the Bit Length is set to 2048 or higher. We like to go with 4096 and click Next.  On the subsequent screen, you need to specify a filename where your Certificate Request or CSR can be exported. For simplicity, we would like to export the CSR to C:\example.com.csr.txt

 

Ordering the SSL

At this point, you are ready to order your SSL certificate!

Step 1: Go ahead and go to your chosen SSL provider, whether it be GlobalSign, Liquid Web, or any numerous other certificate authorities.

Step 2: When you are signing up for the SSL, it will ask you for the CSR data we saved at C:\example.com.csr.txt – Copy and paste the contents into the certificate authorities website and it will generate all the same fields we entered in the previous steps.

Step 3: Finish your order, and they will provide you with a .crt certificate file. Download this file and copy it to your web server. For simplicity, copy it to C:\example.com.cer

Great! Now you have created a certificate request and completed it with the certificate authority and have your new SSL certificate ready to be installed.

 

Installing the Certificate in IIS

Step 1: Open up IIS/inetmgr.exe and navigate to the server as we did in the beginning.

Step 2: Navigate to Server Certificates. Now, instead of selecting ‘Create Certificate Request’ you will select ‘Complete Certificate Request

Step 3: It will prompt you for the location of the new certificate, which we saved at C:\example.com.cer and to make things easier on ourselves later, we will name the friendly name example.com-01 so that we know this is the first SSL for this domain in case we want to renew it later.  Once you hit OK, you should see your certificate in the list of server certificates in IIS.

Great! Now you have generated the certificate request, completed it, and installed your certificate on your web server. Now you need to bind the certificate to your website.

 

Binding the SSL Certificate to a Website

Step 1: In IIS, browse to Sites > example.com (where you want the SSL certificate installed).

Step 2: Right-click on your site and select ‘Edit Bindings‘ or if you click on the site, you will see Bindings on the right-hand side.

This will open a window that looks like the following:

Step 3: If you already have the https binding setup for your site, you will simply double-click on the https bindings and select the desired SSL certificate from the drop down. If you haven’t created an https entry in your bindings already, click Add. On the right-hand side and you will see the following window:

Step 4: First, set the Type to https so your website knows the request is for a secured URL.

You will want to set the IP Address as needed based on your host. In my case, All Unassigned.
Port should be automatically set to 443, if not, do so. (This is the port defined for secured communications.)

Step 5: Set the Host Name to example.com (your domain). In most cases, you will want to check Require Server Name Indication. In our case, we do not need it because this is the only certificate on this IP address. Select your SSL certificate from the drop-down!

Select OK and do it all again, this time instead of setting the host name to example.com, you will want to set it to www.example.com. This is because we only set it up for requests from https://example.com, but https://www.example won’t register as secured until we add the second binding entry.

Note:
If you are setting up a wildcard SSL, you will want to add a third entry for *.example.com so that it can secure any subdomain of your website.

Testing Your New SSL

First, you will want to access your domain at https://example.com and https://www.example.com to see if there are any errors. An easy way to tell if the certificate is functioning properly is to input your domain into SSL Shopper. Try it with and without the “www” to confirm both work. If everything is working, you should see several green checks and no errors. The certificate expiration date will be at least one year from the day you ordered the SSL originally.

That’s it! You have successfully installed a brand new SSL for your website that works both with www and without it. Congratulations! Now you can follow these steps to secure all of your websites and applications.

Liquid Web makes it easy to purchase new SSLs. Simply log in to manage.liquidweb.com, clicking Add, and select SSL Certificate.  Here you can simply input the CSR you generated in Step 1, and it will order an SSL and give you back the certificate file needed to complete the installation.

If you have a Core-Managed Windows server at Liquid Web, we can help you through this process and diagnose any issues you may have run into. We also assist with SSL on Self-Managed if they buy the SSL from Liquid Web.

 

How Do I Set System Variable Path for Python on Windows?

Reading Time: 2 minutes

Python is a powerful programming language that is scalable and uses code that is readable and clear for all types of projects. Python is also available across a number of operating systems, making it a popular choice for developers. If you are using Python on your Windows operating system, you may need to adjust your System Environment Variables to simplify utilizing Python on your server.

The latest installers for Python for Windows can set the System Environment Variable Path automatically if you choose that option during the installation. To verify if this setting is correct, open an administrative command prompt (right-click on the command prompt and choose “run as administrator”) and type the word python, then press Enter. If the System Variable Path is correctly set, you should receive output similar to what is shown below.

Note:
Python software installation is considered Beyond Scope Support. This means it is not covered under our managed support, but we will do what we reasonably can to assist. It may take longer for us to assist as the SLA for Beyond Scope Support is different than our managed services. Find out more in our article What Is Beyond Scope Support?

If you receive an error indicating that the command is unknown, but you’ve confirmed that Python is installed and can be launched from its directory, you will probably need to add the Python variables to the System Environment Variables. By following these quick steps, you’ll be able to access Python from any command prompt.

  1. From the server desktop, click the Windows icon and search for “Environment Variables”. Press Enter to launch the System Properties dialog.

  2. This will open the System Properties dialog. Click Environment Variables to make the necessary changes.

  3. Create a new User Variable named: Path and Variable value: C:\Users\*yourusername*\AppData\Local\Programs\Python\Python37 (change the variable value to match your actual installation path).

  4. Next, find the System variable called Path and click Edit.

  5. Create a New entry that matches the Path variable that you created. Add \Scripts to the end of the entry (the new entry should look like C:\Users\*yourusername*\AppData\Local\Programs\Python\Python37\Scripts\

  6. You can verify that you have completed this successfully by opening a new administrative command prompt from any location and typing “python” (without the quotes). You should receive a response similar to what is shown above.

Troubleshooting Microsoft SQL Server Error 18456, Login failed for user

Reading Time: 4 minutes

Login errors with Microsoft SQL Server (MSSQL) are a fairly common issue and can be easily solved with some basic troubleshooting steps. Before we dig in, let’s take a look at the details of the error to try and determine the cause.

Solutions to Microsoft SQL Server Error 18456

Sometimes, the error presents as “login failed for user ‘<username>’,” this information will help us as we identify the user we need to troubleshoot. From the message, we’ll know the error number as a reference to search for next steps. In this case, it is Microsoft SQL Server, Error: 18456.

Other times, we may only see “Microsoft SQL Server Error 18456” along with severity and state number. On its own, a state number might not mean much, yet it can offer more details as to what is wrong and where to look next.

These states of the error, 18456, are the most common. The descriptions and potential solutions offer a quick explanation and potential troubleshooting guide.

For Microsoft SQL Server Error 18456, there are several solutions for solving the issue.

Step 1:  Log In with Remote Desktop

The troubleshooting and solutions require you to login to the server or at least be able to make a Windows Authentication connection to MSSQL using Microsoft SQL Server Management Studio. The most common and easiest method is to connect directly to the server with a Remote Desktop Connection. If you need more information about Remote Desktop Connection, these Knowledge Base articles will help you get connected:

Step 2: Run Microsoft SQL Server Management

Once you are logged into the server, you’ll want to run Microsoft SQL Server Management Studio (SSMS). SSMS is the tool best suited to configure, manage, and administer MSSQL.

When you start SSMS, you will be asked to log in to the server. By default, most MSSQL servers have Windows Authentication enabled, meaning you must log in with the Windows Administrator or the account specified as the SQL Administrator when MSSQL was installed and configured.

In addition to Windows Authentication, MSSQL supports SQL Server Authentication. Depending on the version of MSSQL and how it was installed and configured, you may or may not have SQL Server Authentication enabled by default.

Step 3: Checking the Server Authentication Mode

Once we login to SSMS using Windows Authentication, we need to check the security settings to confirm whether MSSQL is set up to allow both Windows and SQL Authentication.

In SSMS, right-click the Server Name at the top of the Object Explorer window and choose Properties.

Next, click the Security page.

If you find Windows Authentication is the only mode configured, this is the likely cause of Error 18456, Login failed for user ‘<username>’.

Setting the Server authentication mode to allow SQL Server and Windows Authentication, you will be able to login to MS-SQL with a SQL user and password or a Windows user and password. After making this change, you will need to restart the SQL Server service.

 

Step 4: Restart the SQL Service

In SSMS, right-click the Server Name at the top of the Object Explorer window and choose Restart to apply the new authentication mode settings.  

In the above example, Windows Authentication mode was the only mode configured, and the Error 18456 occurred because the user ‘sa’ is a SQL user and SQL Server Authentication was not permitted.

 

Step 5: Checking SQL User Permissions

As we check the SQL user permissions, we need to answer the following questions:

  • Is the user allowed to log in?
  • Does the user have a valid password set up?
  • Does the user have the needed permissions for access to the desired database?

In SSMS Object Explorer, expand Security, Logins. Locate the user that was failing to log in. A red x on the user indicates this user has login disabled.

To allow the user to login, right-click the user and choose Properties, then click the Status page. Enabling login for the user and click OK.

After refreshing the list user logins, we can confirm the user no longer has a red x present. This should allow the user to log in. In this example, the SQL user ‘sa’ failed to log in because there was no permission to log in. 

Continuing with user troubleshooting, right-click the user and choose Properties, then click the General page. Here you can enter a new password and then enter the confirmation password. Click OK to save the new password. We set a new password for the user so that we are certain of the password when we attempt to log in.

Step 6: Mapping the User to the Database

Our last step in troubleshooting a user is to check user mapping to verify the user has access to the desired database and to set or verify their role for the database. Right-click the user and choose Properties, then click the User Mapping page. Select the Database from the list of databases. From the database role memberships, select the desired/required memberships. Click OK.

In this example, we mapped the user ‘ProdX709’ to the database Production X709.2019 and granted them database role db_owner. In many cases, you only need a user to have db_datareader and db_datawriter roles to be able to read and write to the database.

 

In this troubleshooting article, we learned how to identify specifics of Error 18456 to help us track down the root cause of the issue. Still looking for support?  Our MSSQL database solutions come with assistance from our technical support team. Find out how our high-availability database can work for you!