Blocking countries that you wish to exclude

A long time back, we found that none of our products and services are applicable to the Chinese and Korean market. However my mail servers continued to get a lot of spam from these sources – which was weird!

At some point I came across Okean (www.okean.com)  and started using their list to prevent access from such sources. I find it works great; and here’s the NETSH command used to perform the block on a windows box:

netsh advfirewall firewall add rule name="IP Block" dir=in interface=any action=block remoteip=x.x.x.x/32

server-to-server-transfer-notes

Transferring servers

  • Compress all unused / extra-low-usage stuff and ship it out first
  • DNS

Bulk transfer is the best way to do this.

  1. Use DNSCMD to bulk list all zones
  2. Allow them to transfer to a secondary
    dnscmd . /ZoneResetSecondaries testing.com /NonSecure
  3. Add them to the new server as secondary
    dnscmd . /ZoneAdd testing.com /Secondary (old-server-IP) /file testing.com.dns
  4. Give them 48 hours to sync correctly, optionally expand each zone and confirm that it’s actually synced
  5. Convert to primary
    dnscmd . /zoneresettype testing.com /primary /file testing.com.dns
  6. use this VBS script to ensure all the records are converted
    1.1.1.1 = old IP, 2.2.2.2 = new IP

    ---
    strComputer = "."
    Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & strComputer & _
    "\root\MicrosoftDNS")
    
    Set colItems = objWMIService.ExecQuery("Select * from MicrosoftDNS_AType")
    
    For Each objItem in colItems
    If objItem.RecordData = "1.1.1.1" then
    dim zone
    zone = objItem.ContainerName
    dim rr 
    rr = Replace(objItem.OwnerName,"." & objItem.ContainerName,"")
    if rr=zone then
     rr=zone & "."
    end if 
    Wscript.Echo "dnscmd /recorddelete " & zone & " " & rr & " A /F "
    Wscript.Echo "dnscmd /recordadd " & zone & " " & rr & " A 2.2.2.2 "
    Wscript.Echo
    End If 
    Next
    -----
  • IIS

Use the IIS bulk transfer tool. This moves everything including SSLs and whatnot – but it does not move dependencies. You will need to ensure dependencies are installed using Web Platform installer else you won’t have a track record of what’s there & what’s not.

BUT it does not work for > 4GB sizes. Batch transfers get tricky as the new transfer may negatively impact the past imports…

  1. Use the Server > Management > Shared Configuration  option to export the config only
  2. Transfer the files by hand
  3. On the new box, use Server > Management > Shared Configuration to import the config.
  4. Note: Username/password relates to folder security and NOT the file encryption password.
  5. Install PHP as per your preference – I use 5.3.9 MSI installer for convenience. DO NOT select “ALL extensions” – keep it default and add more as you NEED to. Some of them malfunction causing whole PHP framework to crash.
  6. Be sure to install all the VC++ libraries needed by PHP. This is very confusing and I chose to install ALL varieties (x86 AND x64, VC9, VC11, VC15) and then it worked smoothly. Doesnt take long to install though.
  7. ASP.NET – is uber smooth. Grab it through Web Platform installer and its a zero effort setup.

Anonymous logins cause a lot more trouble than it’s worth. Use this script to fix the issue permanently:

Dim Siteobj
Dim Site
Dim SiteName
Dim SiteId

Set SiteObj = GetObject("IIS://localhost/W3SVC")

for each Site in Siteobj
 
 If Site.keytype="IIsWebServer" Then 
 if Site.AnonymousUserName<>"" then
 
 WScript.Echo Site.ServerComment
 WScript.Echo Site.AuthAnonymous

Site.AnonymousUserName="" 
Site.setInfo

end if 
 End if 
Next

Beware: If you do the bulk transfer without taking care of dependencies, you WILL corrupt your IIS install. It’s harder to fix after that…

  • Database

Be sure to install database and ODBC drivers – the new ACE oledb driver (ref: http://stackoverflow.com/questions/6649363/microsoft-ace-oledb-12-0-provider-is-not-registered-on-the-local-machine) won’t work unless you install these 4 links
http://www.microsoft.com/en-us/download/details.aspx?id=23734
http://www.microsoft.com/en-us/download/details.aspx?id=13255
http://www.microsoft.com/en-us/download/details.aspx?id=39358
http://www.microsoft.com/en-us/download/details.aspx?id=50040
(I chose the 32bit version, which means in IIS application pool you’ll need to enable 32-bit execution)

Make backups “BAK” of all SQL databases and immediately thereafter delete the database / stop the server. This way the transfer state will remain consistent.

Refer to http://solutioncenter.apexsql.com/transfer-sql-logins-for-users-with-a-large-number-of-sql-authenticated-logins/ to ensure you know how to get the users list across. This article is superb for ready-to-use code too: https://support.microsoft.com/en-gb/kb/918992

Finally use this script: https://msdn.microsoft.com/en-in/library/ms187858.aspx

For MySQL:

  • do a full script export and stop the server

    mysqldump –all-databases -u root -p > mysql.txt

  • do an import on the new server

    mysql -u root -p < mysql.txt

For MongoDB: its SUPER EASY! I so love this.

  • do a mongodump and stop the server
  • mongorestore on the new server – voila! Instant running.