IIS uses worker process (w3wp.exe) to work on requests from clients. Because of a variety of reasons, w3wp.exe may crash which makes the web application unresponsive. Heap Corruption (0xC0000374) is one of the common causes of w3wp.exe crashes. You will find the solution here for an issue caused by a specific bug in System Center Operations Manager.
Read More
Solution for Host Header Attack and Vulnerability
When a user tries to access a website, the browser sends Host Header to inform which address the user wants to visit. Just like other headers, attackers can temper Host Header to manipulate how the application works. In this post, I will explain a way to prevent this kind of a Host Header attack.
Read More
IIS binding limit (401.2 Windows Authentication error)
IIS can perform Windows Authentication to allow your users to a web application. This authentication process can take place on the user-mode (IIS worker process) or kernel-mode (HTTP.SYS).
Read More