In recent weeks, many of our DNN websites have systematically been targeted for Spam New User Registrations. There has been some discussion around the how and why, and as much as we can tell, the problem is this:
1. Some script kiddy has bothered to write a bot that finds DNN websites. It is not even a good bot, because it is not capable of validating registrations to automated active email addresses. (If you are the creator of the bot… “YOU ARE DOING IT WRONG” as it is not going to bring the Google results you are looking for.)
2. The bot will attempt access to: www.yoursite.com /?ctl=Register
3. This brings into play the default DNN registration process module.
4. This page is currently available if your site has either Public or Verified registrations enabled.
5. Tricks on derating the bot by raising the password complexity appeared to work a short time only.
6. Enabling the inbuilt Captcha is as good as useless, as almost any OCR application can break it.
7. A better simple solution is needed.
Here at InteractiveWebs, we decided that we would enable Recapcha (a cleaver Google Initiative https://www.google.com/recaptcha/ ) that is harder to be machine broken, and test the results. We found that all the spam registrations stopped once Recaptcha was used.
To do this we created two Free DNN Modules to add Recaptcha to the URL that this bot is using to register on sites. The two modules are to support DNN 6.2 + and 7x +.
The modules replace the standard captcha control to a recaptcha
This is a good link explaining how Recaptcha came into existence, and why it works well: https://www.youtube.com/watch?v=cQl6jUjFjp4
The free modules are available of download here: http://www.interactivewebs.com/DotNetNukeModules/ModuleDownloads.aspx
To install them and fix your site you will need to follow the instructions below:
Go to: https://www.google.com/recaptcha/intro/index.html and register your domain, or domains. This will give you the ability to use recaptcha on your DNN sites on any domain you like.
You are going to need they keys that this site provides:
Similar to these.
Install our “iwebs- register” module, making sure you pick the one that is for your DNN version.
Once installed, you need to add the module to a page as you would any other. We recommend adding it to it’s own page in the DNN Admin menu, and keeping the page Admin Only.
The module you are looking for is called: iWeb’s – Register – You can select the Settings from the module drop down as you would any other DNN module.
Enter the Public Key and Private Keu information that you received from your Google Recaptcha registration of your domain. THEN SELECT UPDATE to save the information.
After saving your public and private keys by clicking “update” you are ready to:
Click on the “Install Register Control”
This will inject the recaptcha setting into your website. So when you hit any registration URL (www.yoursite.com /?ctl=Register) you now get the recaptcah box.
Google has released what they call V2 of Recaptcha. We have update the module to support this. The process of updating to V2 goes like this.
1. By default, previously created recaptcha keys are V1. Any updated installs of our module will need to be put into V1 mode (in the settings) to keep working with your V1 keys that you have previously configured into the module. So after updating our module to the latest release, go into the module settings and enable V1 mode for the module to keep working.
2. V2 recaptcha is better than V1. So we would suggest that all users of the module update to V2. To do this, you update our module to the latest release, then go into the Google Recaptcha management page, and delete your domains security keys, then generate new keys for V2. They have instructions on that process, all be is hard to understand.
Once you have new V2 recaptcha keys, you update these new keys back into our module and ensure that the V1 mode is NOT enabled. The V2 recaptcha will then run on your site.
This was a quick solution to some script kiddies attempt to attack DNN. I’m actually struggling to find the purpose (if you wrote the bot and you are reading this, I would love to hear why). There is little threat by the registrations that I can find. More annoying that anything else. While Recaptcah can be broken, it would take some smarts or costs to use online services for the bot, so I suspect they will not bother and recaptcha will reign for this problem. In any case, if they spend some time and effort making the bot work for recaptcah, it is easy enough for us to implement some of the loads of other solutions available to stop them.
We included a donation button. If you find the solution, blog, research we did, modules we created and responses we provide to be helpful. Please consider throwing us a few $
FileHelpers, Version=18.104.22.168, Culture=neutral, PublicKeyToken=3e0c08d59cc3d657′
Error: File Management is currently unavailable. DotNetNuke.Services.Exceptions.ModuleLoadException: (0): error CS1705: Assembly ‘DotNetNuke.Modules.DigitalAssets, Version=22.214.171.1245, Culture=neutral, PublicKeyToken=null’ uses ‘Telerik.Web.UI, Version=2013.2.611.40, Culture=neutral, PublicKeyToken=121fae78165ba3d4’ which has a higher version than referenced assembly ‘Telerik.Web.UI, Version=2013.1.403.40, Culture=neutral, PublicKeyToken=121fae78165ba3d4’ —> System.Web.HttpCompileException: (0): error CS1705: Assembly ‘DotNetNuke.Modules.DigitalAssets, Version=126.96.36.1995, Culture=neutral, PublicKeyToken=null’ uses ‘Telerik.Web.UI, Version=2013.2.611.40, Culture=neutral, PublicKeyToken=121fae78165ba3d4’ which has a higher version than referenced assembly ‘Telerik.Web.UI, Version=2013.1.403.40, Culture=neutral, PublicKeyToken=121fae78165ba3d4’ at System.Web.Compilation.AssemblyBuilder.Compile() at System.Web.Compilation.BuildProvidersCompiler.PerformBuild() at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath) at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate) at System.Web.Compilation.BuildManager.GetVPathBuildResult(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean ensureIsUpToDate) at System.Web.UI.TemplateControl.LoadControl(VirtualPath virtualPath) at DotNetNuke.UI.Modules.WebFormsModuleControlFactory.CreateModuleControl(TemplateControl containerControl, ModuleInfo moduleConfiguration) at DotNetNuke.UI.Modules.ModuleControlFactory.LoadModuleControl(TemplateControl containerControl, ModuleInfo moduleConfiguration) at DotNetNuke.UI.Modules.ModuleHost.LoadModuleControl() — End of inner exception stack trace —
The problem relates to a missing file that can be updated to the website /bin folder. The file is part of a free library that can be found here: http://sourceforge.net/projects/filehelpers/files/File%20Helpers%20Downloads/Version%202.0.0/
The file you need is: FileHelpers.dll front he 2.0 release from way back in 2010.
Download the file directly here: https://www.dropbox.com/s/otusnlf1jmy9f6o/FileHelpers.dll?dl=0
Extract it into the /bin folder.
And save that to the /BIN folder in your DNN website, this will fix the issue and leave any third party modules that reference it working.
Accessing your Google Analytic Data via API
To allow a third party module or application to view and display your Google Analytics data for your website. You need to get a few things organised.
Go to: http://www.google.com/analytics/ and follow their instructions to set up your URL under an account that you can manage and access with Admin permissions. We are not going to go through these steps here as it is a given that you will have this. Seek help from Google if you can’t manage.
Go to: https://developers.google.com/ and login with your account.
To get started using Google Analytics API, you need to first create or select a project in the Google Developers Console and enable the API. Using this link guides you through the process and activates the Google Analytics API automatically.
Alternatively, you can activate the Google Analytics API yourself in the Developers Console by doing the following:
In either case, you end up on the Credentials page and can create your project’s credentials from here.
From the Credentials page, click Create new Client ID under the OAuth heading to create your OAuth 2.0 credentials.
The newly created service account will have an email address, <projectId>-<uniqueId>@developer.gserviceaccount.com; Use this email address to add a user to the Google analytics account you want to access via the API. For this tutorial only Read & Analyzepermissions are needed.
Select User Management (in the Analytics Admin)
Enter the weird email address from the API credentials step above to give Read & Analyze permissions.
If you get all that right, then the module we use, will work to access your Google Analytics data from within your module.
Exception information: Exception type: ConfigurationErrorsException Exception message: Unsecured Passwords Format Detected. The Membership Provider that contains the unsecure passwords format is: AspNetSqlMembershipProvider. The obsoleted password format is: Encrypted. For more information, see https://go.microsoft.com/fwlink/?linkid=834784.
Request information: Request URL: Request path: User host address: User: Is authenticated: False Authentication Type: Thread account name: IIS APPPOOL\DefaultAppPool
We tried to connect the website up to the wrong database. i.e. When we copied the database and moved it, we inadvertently copied the wrong database. This caused the above error due to the fact that the machinekey data in the web.config file was wrong for the database.
This caused the error 1310 to be thrown and the Application Pool associated with the new incorrectly setup site to stop.
Connect to the correct database!
Further to this we encountered a really weird set of errors after this. Initially the error appears to be a connection issue. But then we started getting failings that would come an go.
Error logs showing plenty of Event ID 1310 but also in the DNN logs:
DotNetNuke.Services.Log.EventLog.DBLoggingProvider – System.Data.SqlClient.SqlException (0x80131904): Could not allocate space for object ‘dbo.EventLog’.’PK_EventLogMaster’ in database ‘bla’ because the ‘PRIMARY’ filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup.
at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.FinishExecuteReader(SqlDataReader ds, RunBehavior runBehavior, String resetOptionsString, Boolean isInternal, Boolean forDescribeParameterEncryption)
at System.Data.SqlClient.SqlCommand.RunExecuteReaderTds(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, Boolean async, Int32 timeout, Task& task, Boolean asyncWrite, Boolean inRetry, SqlDataReader ds, Boolean describeParameterEncryptionRequest)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method, TaskCompletionSource`1 completion, Int32 timeout, Task& task, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)
at System.Data.SqlClient.SqlCommand.RunExecuteReader(CommandBehavior cmdBehavior, RunBehavior runBehavior, Boolean returnStream, String method)
at PetaPoco.Database.ExecuteScalar[T](String sql, Object args)
at DotNetNuke.Data.PetaPoco.PetaPocoHelper.ExecuteScalar[T](String connectionString, CommandType type, String sql, Object args)
at DotNetNuke.Data.SqlDataProvider.ExecuteScalar[T](String procedureName, Object commandParameters)
at DotNetNuke.Data.DataProvider.AddLog(String logGUID, String logTypeKey, Int32 logUserID, String logUserName, Int32 logPortalID, String logPortalName, DateTime logCreateDate, String logServerName, String logProperties, Int32 logConfigID, ExceptionInfo exception, Boolean notificationActive)
at DotNetNuke.Services.Log.EventLog.DBLoggingProvider.WriteLog(LogQueueItem logQueueItem)
The issue turned out to be that the database was a legacy database we received from another host. They had defined a database limit size in the SQL database it’s self. This caused the database to strop responding to DNN in a way we had never seen. After some time, the maintenance would drop the size of the database just below the limit and the DNN site would fire up. Until it reached the SQL database limit again.
Not likely to be a problem for many people, but something to check in the SQL dates settings.
Increase or remove the size of the SQL database limit.
Out of the box Exchange Server does not support DKIM signing. And it doesn’t look like Microsoft has any intention of adding this feature any time soon. So for now the best way to implement DKIM signing is via third party a plugin.
DKIM (DomainKeys Identified Mail) is an email security standard designed to make sure messages weren’t altered in transit between the sending and recipient servers. It uses public-key cryptography to sign email with a private key as it leaves a sending server. Recipient servers can then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the message hasn’t changed during transit. Once the hash made with the private key is verified with the public key by the recipient server, the message passes DKIM and is considered authentic.Source: https://postmarkapp.com/guides/DKIM
If you want to know more about how DKIM works, Postmark provides a pretty detailed explanation.
Exchange DKIM Signer is an open source, easy to install DKIM Signing Agent for Microsoft Exchange Server. It includes support for Exchange Server 2007 through to 2016.
1. Download the latest GUI package: https://github.com/Pro/dkim-exchange/releases/latest (Configuration.DkimSigner.zip)
2. Extract it somewhere on your Server (e.g. Desktop)
3. Start Configuration.DkimSigner.exe
4. Select Install
5. Once the installer has completed, click Close
1. Now configure the DKIM Signer with the installed GUI. Navigate to and launch the configuration executable (located under "C:\Program Files\Exchange DkimSigner\Configuration.DkimSigner.exe".
"C:\Program Files\Exchange DkimSigner\Configuration.DkimSigner.exe"
2. Click Configure and move the priority of the DkimSigner Agent up to at least 3, if not 1 (This is to prevent other agents from potentially interfering with the headers), and then click Close
3. Navigate to the DKIM Settings tab and change the Header & Body Canonicalization options to Relaxed. Click Save configuration to save your changes. See DKIM Canonicalization – or – why Microsoft breaks your mail for reasons why choosing Relaxed over Simple may be the better option.
4. Now switch to the Domain Settings Tab. Fill in your Domain name and Selector and click Generate new key. DKIM Signer will then generate new public and private DKIM signing keys based on your chosen domain and selector.
Generate new key
A save window will open prompting you to save the newly generated key in "C:\Program Files\Exchange DkimSigner\keys". Click Save.
"C:\Program Files\Exchange DkimSigner\keys"
You can save the generated keys to an alternative location if you wish. However DKIM Signer recommends storing them in the default location.
IMPORTANT: Make sure the user you’re signed into your exchange server as has permission to access whichever path you choose to store your keys. Otherwise you’ll encounter access denied errors: "Couldn't load private key for domain mydomain.net: Access to the path 'C:\Program Files\Exchange DkimSigner\keys\mydomain.net.pem' is denied.". And DKIM signing of outgoing mail will fail.
"Couldn't load private key for domain mydomain.net: Access to the path 'C:\Program Files\Exchange DkimSigner\keys\mydomain.net.pem' is denied."
5. Now you need to publish the DKIM TXT record for your domain (mydomain.net) with your DNS provider. Make a note of your Suggested DNS Name and click Copy to clipboard to copy the Suggested DNS Record.
Suggested DNS Name
Copy to clipboard
Suggested DNS Record
Now head to your DNS provider to create your TXT record.
6. Select TXT record as the type of record to create and for the TXT record Name, enter your Suggested DNS Name (key1_2017._domainkey).
*Most DNS providers automatically add your domain name to the end of the TXT record ‘Name’ entry, so there should be no need to enter the whole record e.g. key1_2017._domainkey.mydomain.net.
For the TXT record content, paste your copied key and save.
Wait a few minutes for the record to propagate (Most DNS providers are pretty quick these days) then head back to the DKIM Signer Domain Settings tab and click Check. DKIM Signer will query your DNS record and if all’s well your record should now be verified as correct. Click Save to save your domain settings.
7. Switch to the Information tab and restart the Exchange Transport Service by clicking on Restart.
DKIM Signer is now configured to sign emails originating from your domain.
1. Open your web browser of choice and navigate to http://dkimvalidator.com/. Make a note of the randomly generated email address. DO NOT CLOSE THE BROWSER/TAB, you’ll need to return to this page shortly.
2. Log into an Exchange mailbox associated with the domain you’ve just setup and send an email to this random address.
3. Allow a few minutes for your email to arrive at dkimvalidators.com’s site then return to your browser and click on View Results.
If you see results = pass, congratulations, your setup is complete and you can now send email verified using DKIM signing.
results = pass
Note: This is copy of the post from: https://colinwilson.uk/2017/07/19/setting-up-dkim-for-exchange-server/
I particularly did not want to loose it as it is great.
Lucky 8 Proud Rhino Hidden Winch – I specifically asked for the model that had been slightly modified to fit the MY19 model. I know someone who had a tray from 2018 that struggled to fit the MY19 vehicle. Email communications with Lucky8 ensured the correct tray was sent.
This is what arrived exactly. No bolts etc. As it turns out… you don’t need any. You will see later.
Domin8r x 12,000lb Winch with synthetic rope. – Note that as of 2020 there are two two Domin8r winches available. The one pictures and the Extreme. The extreme has an improved brake system and on inspection was a little larger in height. Because of this and the fact that I had seen images of the “standard” or orange rope version installed on this exact fit, I went for the standard version.
Pictured is exactly what arrived in the box.
I did consider a Warn which, however the price is literally 10 times the cost of this kings winch. And the fact that my Discovery while used hard will never be an extreme 4×4. The winch I am fitting servers two purposes for me.
1. It lets me explore tracks and go “down” places without the anxiety of getting stuck.
2. It lets me recover myself and others more easily that perhaps I would without the winch option.
In all honestly, on my previous LR’s fitted with a winch, I only ever used it twice and both times could have used other options. But I did find the comfort of knowing it was there completely changed how willing I was to explore hard tracks alone.
So the cheaper winch, it it only works a handful of times will suite me fine!
I added the wireless which controller option to allow me to use the controller at the wheel without wires.
You can see that there is a dongle that plugs into the control box, and the remote that confusingly comes with wires, but the can be removed.
Factor 55 1.0 Grey Fairlead
1.5” 5/8 screws with Hex Heads and a couple of washers.
3M Automotive double sided tape.
This tape is used to refit the side strips around the wheel arches.
This for my was by fat the hardest part of the job. Knowing where to screw and pull to unclip and remove the bumper was not something I could do alone. So I enlisted a Landrover Mechanic (Tom) to assist me on the removal and refitting of the bumper. Super handy having him there to do it professionally. Total time to remove was about 40 minutes.
Not really going to try and describe the steps to remove the bumper. After seeing it done, I don’t think I would attempt it again without help. There is a bit to it. But some interesting steps included….
Removing the side strips around the wheel arches required carefully prying the double sided tape off, and disconnecting the sensor plugs. We used the 3M double sided tape to fix them back on.
The front radar sensor fitted the the cross bar. This is the bar that will be hacked into to make room for the winch.
Note the plastic dieting trim at the top and bottom of this image. They effectively directed air through the radiator. We managed to keep the top, but the bottom had do go.
This front scoops here are to direct air onto the brakes. We managed to refit these after the tray was added.
Removing the bottom plastic air direction housing.
With it removed.
You will notes that there is still a plastic scoop at the bottom. We cut this off wish industrial scissors that made easy work of the plastic.
This is the cut away bottom plastic air duct. Both sides shown here to assist you with how much to cut.
We decided to unplug the cooling pipes to give us more room. We saved and used again the cooling fluid.
This hose in the middle frame was one that was tricky to fit back. You can see in this image that the tray is in place, although not tight. The hose comes around the tray and would rub on the tray. We decided to fit a foam block between the hose and the lucky8 tray. Something like a pool noodle cut to size would work well here. Something that fit around the host, but between it and there tray to ensure that vibration stays away.
Now this is not a picture of my bar. And I cannot believe it that I did not take a picture of the cuts we made before fitting the winch tray and winch. But we effectively made the same cuts as were made here, but did not remove the bar from the car to do it. Simply cut with the bar fixed to the car. The cuts were not hard, and worked well with a standard angle grinder. A couple of things to note in this.
1. The bar is much more sturdy than it looks here.
2. The middle remaining square bracket is to allow fitting of the radar back in place.
3. The cut on the back o the bar on the right side, needs to be a little angled to the right. i.e making some more room on the back right bottom.
The end result with our bar. Note again the cuts in the bar. The winch in place.
You will also note that we fitted the control box with the plug sitting forward. This worked very well and allowed some of the cables to come forward of the bar, and some to go behind the bar. To fix the control box we simply straightened the mounting bracket in a vice, then drilled a couple of holes through the bracket and bar then fixed it with some metal tapper screws.
Note the alignment of the box plug just to the right in the image of the screw holes below. This allows the box to be accessed from the front through the grill once the bumper is reattached.
Winch orientation is important. Note that the direction we have the winch allows the winch rope to run in on the bottom of the winch. I have seen the winch fitted the other way around, but this means that “in” on the controller will wind the rope on the top of the drum. Note idea for winches as it puts more moment on the attaching bolts. We found that fitting the winch this orientation worked fine.
The cables were easy. Two leads gong back through the front assembly to the right are fixed to the jump points in the car. The red cable that loops back from the control box and under the cross bar, that you see on the bottom of this image is actually visible from the front of the car. So fitting a black or shrink wrap here would discuss that better.
You can see here too the radar fitted back in place and the winch cables zip tied to the top of the cross bar to keep excess cables from rubbing around the place. It is also interesting that the zip ties are visible from the front, so we used black to make it cleaner from the front view.
The mounting brackets took a bit of playing around with to get them orientated correctly. When we did, it all fit well and was obvious. This pic shows the orientation dangling down. We swing them into place 180 deg and use the winch bolts to fit them up through the tray and into the winch.
You can see here that the bolts going up through the tray are the Domin8tor winch bolts that came with the winch. They go up through the winch brackets and tray and into the winch mounting lugs.
The direction of the brackets works well in this orientation. We tried to have the brackets the other way around to put the bracket angel mount outwards for better strength. However we found they would not fit in that orientation. But we are happy with the result here.
The cables that come up behind the light assembly.
Then run up over the air box
And fitted beneath the jumper mounts.
We did consider fitting them to the winch mount (that comes on the discovery) that is behind the front right wheel guard, and it would have worked. But the problem is that the Domin8tor winch has the in lead fuse that you can see in this image. There would be no way of easy access to that fuse if fitted to the winch mount. So we elected to fit it here. With zip ties it is very sturdy and works well.
This picture shows the winch cables zip tied in place, but also the car cabling tied back over the top of our work.
The end result before the bumper was attached again.
With the bumper fitted and the winch rope just temporarily zip tied out the way.
To get the factor 55 1.0 fair lead to fit, we need to make two cuts to the bumper just either side of the fairlead. The cuts are to the vertical plastic moulding. We made the cuts at the bottom and just screwed the factor 55 fairlead inlace while holding the plastic open using a bit of bruit strength.
The result is that the bumper splits a little wider around the fairlead and is a little deformed from its original shape. But the end result is that the fairlead sticks out a little giving good clearance for the rope to stay away from the bumper, and the whole thing looks good from the front. We made the cuts with a multi tool in about 5 seconds. Easy work.
Not the control box is still accessible from the front, but mostly hidden. The wireless dongle sits really nicely in place and could be left there for a day out with a bit of winch work anticipated.
Paul Muscat for running the LR D5 Group.
Rob Morley for sharing his similar fit and answering my many questions.
Tom – The Landrover guru who helped with the bumper and whole job
Darub Abrahams – Who shared his experience with the older tray and some of the notes that helped with my decision making.
This is a Landrover Manual extract that talks about their winch fitting option that they never released. I referenced this a bit, but this blog post would be more help to anyone doing the same thing.
If you live in Sydney and want a Landrover mechanic to assist you with this winch combination, then please contact me. Tom would be only too happy to help.
Setting up Outlook 365 to access InteractiveWebs SmarterMail services
When adding an account, select the advanced options after entering your email address.
Select IMAP from the Advanced Setup
Select NO. You do not want to continue using the certificate.
Select Change Account Settings
Enter the following setup. mail.interactivewebs.com. with Security enabled for both incoming and outgoing services.
Password as advised.
And you are done!
Once the SSL certificate is installed, your site still remains accessible via a regular insecure HTTP connection. To connect securely, visitors must specify the https:// prefix manually when entering your site’s address in their browsers.
In order to force a secure connection on your website, it is necessary to set up a certain HTTP/HTTPS redirection rule. This way, anyone who enters your site using a link like “yourdomain.com” will be redirected to “https://yourdomain.com” or “https://www.yourdomain.com” (depending on your choice) making the traffic encrypted between the server and the client side.
Below are steps to setup a IIS HTTPS redirect:
The IIS redirect can be checked by accessing your site via http:// specified in the URL. To make sure that your browser displays not the cached version of your site, you can use anonymous mode of the browser.
The rule is created in IIS, but the site is still not redirected to https://
Normally, the redirection rule gets written into the web.config file located in the document root directory of your website. If the redirection does not work for some reason, make sure that web.config exists and check if it contains the appropriate rule.
To do this, follow these steps: