Default Web Site Page

The IP address of this domain may have changed recently. Please check DNS settings and make sure domain is correctly set up. It may take 8 to 24 hours for DNS changes to spread. You can restore access to this site by following these instructions to clear the DNS cache.

You need to verify that the hosting provider has set the correct IP address in the Apache configuration and DNS records. You may need to restart Apache for the new settings to take effect.

The URL of this domain has changed, or the hosting provider may have moved the account to another server.

Protecting the Default Web Site and the Administration Website When you install IIS for the first time, two Web sites (Default Website and Administration Website) are created. Both sites have security risks and must be disabled. As shown in Figure 10.10, the default Web site contains a number of default virtual directories, many of which are mapped to system drives. This is a bad way. Some of these virtual directories are exposing potentially dangerous features that are not used on many sites. Some of them are simply samples of the location on the production server. Delete all of the following virtual directories (unless they are on the default web site) unless there is a special purpose. If you leave one of them, try to restrict who can access them.

Basement comment ... Disable default web site If you can delete the default web site, why do you want to disable all that problem? Deleting a site seems to be a better strategy, but there are good reasons to keep that site intact. First of all, many third party web applications installing virtual directories will do this by default on the first web site (W3SCV1), exposing potentially dangerous applications and sample applications. Next, delete the default Web site of IIS and if you have not set up another Web site, you will be returned to that Web site after rebooting. Also, if you delete a site and then create a new site, the new site inherits all the settings of the old site under certain conditions. Therefore, it is recommended that you terminate the site and invalidate it, and create your own website from W3SVC2. The default site is not secure, but you can include at least public by disabling it.

Many Web sites have cryptographic support via HTTPS, but they are difficult to use. For example, unencrypted HTTP is used by default, or links to sites that are not encrypted are displayed on encrypted pages. The HTTPS Everywhere extension solves these problems by rewriting requests to these sites to HTTPS using a clever technique. Firesheep steals unencrypted cookies sent over an open Wi - Fi network. This means that anyone who has Firesheep while in Starbucks can see your browsing session and get login qualification for Facebook, Twitter or other popular website To do. Using these credentials, anyone using Firesheep will be online with their Facebook or Twitter username and password and login to other social networking sites, blogs, news sites I can do it.