- How do I generate a CSR in IIS 7 on my Windows server without Plesk?
- How do I generate a CSR in IIS 5 or 6 on my Windows server without Plesk?
- How do I deny an IP address from a website with Apache and .htaccess?
- What is the best way to preview a website before changing the DNS?
- How do I password protect a website using Apache and .htaccess on a Linux server?
To generate a CSR in IIS 7 that is not running Plesk, from your Windows RDP Session, click on ‘Start' then right-click ‘My Computer' and choose ‘Manage'. This will bring up Server Manager Console and select ‘Roles > Internet Information Services Manager'. This should open up the center console where you should click ‘Server Certificates'.
On the Actions menu click ‘Create Certificate Request' which will open the Certificate request wizard.
Enter the following information:
- Common name (the part of the URL that visitors will be using to browse your site securely such as https://www.yourdomain.com, or https://secure.yourdomain.com)
- Organization (Your Company Name which your business is legally registered)
- Organizational Unit (Divisions such as Engineering or Human resources)
- City/Locality (Full city name)
- State/Province (Full state or province name)
- Country/Region (Two letter ISO standard, such as US)
Once you have filled in all of the information, click ‘Next'.
Enter a location and filename for the CSR which you can navigate to later and click Finish. Send the entire file, or copy and paste the contents of this file, to your certificate authority company who will be issuing the certificate.
To generate a CSR in IIS 5 or 6 that is not running Plesk, from your Windows RDP session, click ‘Start ‘ and Right Click ‘My Computer' and choose ‘Manage'. This will bring up Computer Management console and select ‘Internet Information Services'.
You should see a tree view of the components in IIS such as Web Sites, FTP Sites, Default SMTP, etc. Here you will want to expand ‘Web Sites' and navigate to the domain you want to generate the CSR for. Right click on the domain and choose ‘Properties'.
From the properties menu for the site, click on the ‘Directory Security tab'. Under ‘Secure Communications', press the button labeled ‘Server Certificate'.
Choose to create a new Certificate. It will then ask about preparing a certificate request. Select ‘Prepare the request now, but send it later', then click ‘Next'.
You will be at the ‘Name and Security Settings' page which you need to provide the name of your website and specify a bit length encryption (1024 or 2048) and click ‘Next'.
Next you will be prompted to enter information about the ‘Organization Information'. Enter the ‘Organization Name' and also an ‘Organization Unit if Applicable', and click ‘Next'.
You will now be at your ‘Site's Common Name"' page. It is important to understand that the ‘Common Name' is the part of the URL that visitors will be using to browse your site securely (such as https://www.yourdomain.com, or https://secure.yourdomain.com) as there can only be one per CSR request and if is not the correct one website visitors will get a security warning unless a wildcard certificate is being used. Enter the ‘Common Name' and click ‘Next'.
You will now have to specify ‘Geographical Information' which will include Country/Region, State/Province and City/Locality. Enter the appropriate values and click ‘Next'.
You will be brought to the ‘Certificate Request File Name' section, where you will choose a directory and filename that the CSR should be saved to (ie. c:\yourdomain.com-csr.txt). Click ‘Next'.
It will then give you a ‘Request File Summary', reviewing all the items you specified in the previous steps, then click ‘Next' and ‘Finish'. Locate your CSR by navigating to the directory and filename that you specified. Send the entire file, or copy and paste the contents of this file, to your certificate authority company who will be issuing the certificate.
You can deny IP address from a website by creating an .htaccess file file with the following text:
order allow, deny
deny from 192.168.123.123
allow from all
The IP will no longer be able to access the directory containing the .htaccess file, on any of its subdirectories.
Placing the .htaccess file in the root web folder will prevent the IP from accessing any part of the website.
The best way to preview your website before going live is to create an entry in the hosts file on your PC to link your server's IP address to your domain. Open the hosts file and add an entry to the bottom. Here is an example of a hosts file entry. It assumes the IP address of your server is 192.168.0.50 and the website you would like to preview is www.example.com:
This example would allow you to preview the hosting of www.example.com on 192.168.0.50 through your local web browser, even though the DNS for www.example.com has not been changed to point to 192.168.0.50.
On Windows NT and Windows 2000 machines, the hosts file can be found in c:\winnt\system32\drivers\etc
For Windows XP, Windows 2003, Windows Vista and Windows 7, the hosts file can be found in c:\windows\system32\drivers\etc
In Linux, FreeBSD and Mac OS X the hosts file is located in the /etc directory
Create a file called .htaccess in the directory you would like to password protect containing the following text:
AuthName "My Secret Folder"
The AuthUserFile directive needs to be set to the full path of where the password file will be located. You can create the .htpasswd file by logging into the server through SSH and then running the following command in the directory where the .htaccess file will be located: htpasswd –c .htpasswd <username>
You will be prompted for a password for the user which will be initially added to the password file. Additional usernames and passwords can be added with the following command: htpasswd .htpasswd <username>
The web directory and any sub directories should now be password protected.