Thursday, June 17, 2010

Set Umbraco Folder Permissions with Powershell

If you're not configuring Umbraco through a web installer, you've had your installs in place for years and never checked the permissions or whoever set the permissions up was lazy and gave IIS write access to the entire folder, there will come a time when you want to restrict modify access to just those user(s) who should have access.

You can find a (pretty) complete list of the files/folders that the Umbraco install should have access to here but assigning them across 101 different installs is a PITA . Thanks to a helpful PowerShell script to set folder permissions from PowerShell.nu you can easily automate the process.

For those of you not familiar with PowerShell (like me) complete instructions are below. For the rest, here's the command:

Get-ChildItem -path ##PATH TO YOUR INSTALL## 
| Where { $_.name -eq "Bin" -or $_.name -eq "Config" -or $_.name -eq "Css" -or $_.name -eq "Data" -or $_.name -eq "Masterpages" -or $_.name -eq "Media" -or $_.name -eq "Scripts" -or $_.name -eq "Umbraco" -or $_.name -eq "Umbraco_client" -or $_.name -eq "UserControls" -or $_.name -eq "Xslt" } 
| ForEach {./SetFolderPermission.ps1 -path $_.Fullname -Access "NETWORK SERVICE" -Permission Modify}

Instructions:

1. Save the SetFolderPermission.ps1 script to your server
2. Open your PowerShell console (I think it's installed by default if not, you can download PowerShell here)
3. Copy the above PowerShell command into notepad
4. Update "##PATH TO YOUR INSTALL##" to your Umbraco install
5. If your IIS install doesn't use NETWORK SERVICE as the default user, update it to your user
6. Make sure it's all on a single line
7. Copy/Paste/Run in PowerShell

Bonus

If you're uber lazy and just have a web folder of Umbraco installs you can set the path to the folder of Umbraco installs and use:

Get-ChildItem -path ##PATH TO YOUR FOLDER## -recurse
| Where { $_.name -eq "Bin" -or $_.name -eq "Config" -or $_.name -eq "Css" -or $_.name -eq "Data" -or $_.name -eq "Masterpages" -or $_.name -eq "Media" -or $_.name -eq "Scripts" -or $_.name -eq "Umbraco" -or $_.name -eq "Umbraco_client" -or $_.name -eq "UserControls" -or $_.name -eq "Xslt" } 
| ForEach {./SetFolderPermission.ps1 -path $_.Fullname -Access "NETWORK SERVICE" -Permission Modify}

I've not tried this mind you and can't recommend it but hey, it's there if you want it ;)

Set Umbraco Folder Permissions with Powershell

Useful Links:            Comments [0]  Trackback

Tags: ASP.Net | Hosting | IIS | PowerShell | Server Maintenance | Server Management | Umbraco | Web Development

 Friday, July 25, 2008

Identify IIS Sites and Log File locations for WWW and FTP –the source

Exactly a year ago today I posted a little application that output the sites in IIS to a text file and as a few days ago Lars asked for the source, I thought it would be a nice thing to release it exactly a year later.

I didn't plan it that way, it just happened! Cool :)

Identify IIS Sites and Log File locations for WWW and FTP source

using System;
using System.DirectoryServices;
using System.IO;
using System.Collections;

namespace IISSites

{...}

{
    class Program

    {...}

    {
        static string fileToWrite = String.Empty;

        [STAThread]
        static void Main(string[] args)

        {...}

        {
            fileToWrite = String.Format("IISExport{0:dd-MM-yyyy}.txt", DateTime.Today);
            if (args != null && args.Length > 0)

            {...}

            {
                fileToWrite = args[0];
            }

            SortedList www = new SortedList();
            SortedList ftp = new SortedList();
            try

            {...}

            {
                const string FtpServerSchema = "IIsFtpServer"; // Case Sensitive
                const string WebServerSchema = "IIsWebServer"; // Case Sensitive
                string ServerName = "LocalHost";
                DirectoryEntry W3SVC = new DirectoryEntry("IIS://" + ServerName + "/w3svc", "Domain/UserCode", "Password");

                foreach (DirectoryEntry Site in W3SVC.Children)

                {...}

                {
                    if (Site.SchemaClassName == WebServerSchema)

                    {...}

                    {
                        string LogFilePath = System.IO.Path.Combine(
                            Site.Properties["LogFileDirectory"].Value.ToString(),
                            "W3SVC" + Site.Name);
                        www.Add(Site.Properties["ServerComment"].Value.ToString(), LogFilePath);
                    }

                }

                DirectoryEntry MSFTPSVC = new DirectoryEntry("IIS://" + ServerName + "/msftpsvc");
                foreach (DirectoryEntry Site in MSFTPSVC.Children)

                {...}

                {
                    if (Site.SchemaClassName == FtpServerSchema)

                    {...}

                    {
                        string LogFilePath = System.IO.Path.Combine(
                            Site.Properties["LogFileDirectory"].Value.ToString(),
                            "MSFTPSVC" + Site.Name);
                        ftp.Add(Site.Properties["ServerComment"].Value.ToString(), LogFilePath);
                    }

                }

                int MaxWidth = 0;
                foreach (string Site in www.Keys)

                {...}

                {
                    if (Site.Length > MaxWidth)
                        MaxWidth = Site.Length;
                }

                foreach (string Site in ftp.Keys)

                {...}

                {
                    if (Site.Length > MaxWidth)
                        MaxWidth = Site.Length;
                }

                OutputIt("Site Description".PadRight(MaxWidth) + "  Log File Directory");
                OutputIt("".PadRight(79, '='));
                OutputIt(String.Empty);
                OutputIt("WWW Sites");
                OutputIt("=========");
                foreach (string Site in www.Keys)

                {...}

                {
                    string output = Site.PadRight(MaxWidth) + "  " + www[Site];
                    Console.WriteLine(output);
                    OutputIt(output);
                }

                if (ftp.Keys.Count > 0)

                {...}

                {
                    OutputIt(String.Empty);
                    OutputIt("FTP Sites");
                    OutputIt("=========");
                    foreach (string Site in ftp.Keys)

                    {...}

                    {
                        string output = Site.PadRight(MaxWidth) + "  " + ftp[Site];
                        OutputIt(output);
                    }

                }

            }

            // Catch any errors
            catch (Exception e)

            {...}

            {
                Console.WriteLine("Error: " + e.ToString());
            }

            finally

            {...}

            {
                Console.WriteLine();
                Console.WriteLine("Press enter to close/exit...");
                //Console.Read();
            }

        }

        static void OutputIt(string lineToAdd)

        {...}

        {
            Console.WriteLine(lineToAdd);

            if (!String.IsNullOrEmpty(fileToWrite))

            {...}

            {
                StreamWriter SW;
                SW = File.AppendText(fileToWrite);
                SW.WriteLine(lineToAdd);
                SW.Close();
            }

            else

            {...}

            {
                Console.WriteLine("locationToOutput is Null or String.Empty please supply a value and try again.");
            }

        }

    }

}

Identify IIS Sites and Log File locations for WWW and FTP –the source

Useful Links:            Comments [0]  Trackback

Tags: C# | IIS | Server Management | The Site Doctor | Web Development

 Saturday, July 05, 2008

Deleting SVN directories with PowerShell

I've been re-working our new SVN structures recently as I'm now starting to understand how it works but one of the issues I had was trying to move the files/folders from a previous SVN directory.

PowerShell is great if you understand it (which I'm also learning) so I thought I would share this little script with you. It just loops through the files/folders and removes all those named _svn. I found this script from Wyatt Lyon Preul and he complained about the length of the script, but from what I can tell you can condense that down to:

I'm not that great with PowerShell yet but I hope that helps someone :)

Deleting SVN directories with PowerShell

Useful Links:            Comments [0]  Trackback

Tags: PowerShell | Server Maintenance | Server Management | The Site Doctor | Web Development

 Friday, June 27, 2008

West Bromwich gallery The Public fails to deliver again

If you've had the chance to catch any of the UK news recently (or even glanced at a paper) you'll no-doubt have heard about the fantastic new art gallery that was due to open in West Bromwich last year this weekend -The Public.

Unlike all the other articles about The Public (I ran out of words so here are a few more), I'm not interested in flaming the fact that they've placed a £32 million £52million (they went over budget) art gallery in one of the Midland's most deprived areas, or the fact that they're looking to charge around £7 for entry but instead the fact that they can't even get the simplest of things right -despite an astronomical budget.

Despite having gone over budget, and delivering late, they couldn't even manage to get their website online. In this day and age with such fantastic and resilient hosting providers such as Rackspace, there really is no excuse for having your website offline.

Fair enough, an "Under Construction" message could have been an amusing pun while The Public was being constructed but it has been constantly offline for the week before it's launched is simply unforgivable. Regardless of who developed it, I hope there were serious ramifications.

Despite this massive cock-up, I'm looking forward to avoiding the £7 entrance fee and checking out the futuristic art gallery this weekend (free entry). I'll upload my photos to Flickr if I'm allowed to photograph in there, if not the guardian has a nice collection of images. At least I know there the female toilets are complete.

Now I just need to find out when it opens.

.shame the website is still offline ;)

West Bromwich gallery The Public fails to deliver again

Useful Links:            Comments [2]  Trackback

Tags: Business | Server Management | The Site Doctor

 Saturday, March 08, 2008

Rackspace partners with The Site Doctor

There are a lot of changes afoot at The Site Doctor at the moment -not just the new company identity, site and top secret plan but we're partnering with industry leaders to ensure we're able to offer the very best service possible.

Today I'm going to introduce our hosting provider, Rackspace. The Site Doctor has partnered with Rackspace^®, Europe’s fastest growing and most successful IT hosting company, to provide our fully managed hosting solutions.

The Site Doctor has chosen Rackspace as our trusted hosting partner as they are completely focused and experienced in managed hosting. Every system and process at Rackspace was built exclusively for delivering a reliable and secure service, with support staff highly trained for supporting complex hosting environments. Rackspace supplies the necessary superstructure - web, application and database servers, network devices, bandwidth and managed services - needed to run any outsourced hosted solution. Solutions are hosted in state-of-the-art secure data centres, watched over by certified staff.

Another reason behind The Site Doctor's decision to partner with Rackspace was Rackspace's award winning and unbeatable level of customer service -nicknamed as "Fanatical Support^®". Rackspace employees are available 24/7/365 to meet and exceed your expectations, meaning fast responses to critical issues, unlimited (free) technical phone support, access to their huge online knowledgebase, guaranteed 100% network uptime and many other business-critical support features. By outsourcing to Rackspace, we get the peace of mind that our hosting environment is being looked after by the experts.

Rackspace's commitment to its customers has won them the Unisys/Management Today Customer Service Excellence Award for 2005, in addition to being named Microsoft's Gold Certified Hosting Solutions Partner of the Year and Red Hat's first Advanced Hosting Partner in Europe.

The Site Doctor highly recommends Rackspace because, like us, they hold the highest standards in service excellence and therefore are able to ensure that mission-critical applications will remain up and running in a secure environment.

Rackspace partners with The Site Doctor

Useful Links:            Comments [0]  Trackback

Tags: Hosting | Press Release | Server Management | The Site Doctor

 Tuesday, October 16, 2007

Identify which application pool is associated with which W3WP.exe process

Today I needed to identify a site that was causing the W3WP.exe process to run at 100% CPU. I had hoped that there was some clever way of identifying the site from the process id but no such luck. The issue was escalated because we have multiple sites under each application pool.It was done like this to keep the overheads minimal (each W3WP.exe process needs circa 25MB to run) but it makes identifying rogue code difficult.

If you need to identify which W3WP.exe relates to which Application Pool, open CMD, navigate to your System32 directory and type:

cscript iisapp.vbs

That'll then list the relevant W3WP.exe processes, process id and their app pool name.:) -simple and useful, just the way I like it!

Identify which application pool is associated with which W3WP.exe process

Useful Links:            Comments [1]  Trackback

Tags: Server Maintenance | Server Management

 Friday, August 24, 2007

Understanding email server connection checks

One of the reasons I'm fanatical about Rackspace as a hosting partner is that if you're unsure about something, you know you're able to ask an expert and get a top-notch response to your quandary.

I was recently speaking with another host who was talking about greylisting their emails -in short this is the process of rejecting the first email from a given email address/server and waiting for it to be (automatically) resent by the server later as unlike genuine email servers, most spam servers do not try to re-send an email if it's rejected by a server. We're not able to greylist our emails so I thought I would check that our spam filter settings were up-to-date.

The guys at Rackspace had a look through our spam filter settings and recommended we disabled the statistical filters as they were somewhat outdated technically and increase our connection checks -more importantly, deleting the email after it fails a number of checks. Historically I've been adverse to deleting emails on the server as there's no way to recover them so I asked how accurate connection checks were and thought I would share their easy-to-understand response about what the connection checks do.

Understanding email server connection checks

Useful Links:            Comments [0]  Trackback

Tags: Business | Server Management | The Site Doctor

 Wednesday, July 25, 2007

Identify IIS Sites and Log File locations for WWW and FTP

When we got our own dedicated server we needed to start working out a fair number of processes and decide upon a structure that was replicable, scaleable and manageable on a large scale, although the solution we've ended up adopting may not be the best, it certainly works for us.

One thing that has been bugging me however is the location and folder naming convention of the log files -for both the web hits and FTP hits. Typically, shared hosting solutions place the log files under the same folder as the one your website's root is situated but as we had no plans on giving our clients access to these logs this was an unnecessary task so we left them collecting in the default folder.

Leaving the log files in the default folder meant downloading them was very simple, all I needed to do was point our download script at the main folder and that was it, all would be included, the catch however was that the folders weren't named logically* instead they seemed to include some form of ID that was relevant to and assigned by IIS i.e. W3SVC1.

*By this I mean human readable i.e. domainname.com

Until recently I've not worried about analysing the log files beyond one or two clients whom I could manage fairly easily but now with the inclusion of a host of other domains on the server I needed a way of quickly and easily identifying the folders and which domains they related to.

Historically when I needed to know which domain the log folder related to I would log onto the server, open IIS, open the properties of the domain, click on the log file properties and below the folder directory would be the folder name, that's fine if it's only a handful of domains but what when it's say 20? That's 2mins each (with cross referencing etc) so that's 40minutes. I needed an automated system!

As it turns out, Microsoft have been kind enough to provide us with an interface we can easily code against in .Net so after a little Google-ing I wrote a number of little helper applications.

This little console application simply loops through all the domain names on the server it's being run on (the default instance of IIS) and outputs the relevant log file and folder path into a handy text file. I'll post in another post about how I use this file.

For convenience's sake I have this run on a nightly basis and the text file output to the root of the log file directory, that way when I download the logs during the next day I get the latest update of log file locations and domain names :)

Download the IIS WWW and FTP log file location exporter.

1 Year Update: I've posted the source for the IIS WWW and FTP log file location exporter here.

Identify IIS Sites and Log File locations for WWW and FTP

Useful Links:            Comments [2]  Trackback

Tags: IIS | Server Management | The Site Doctor | Web Development | WebDD

 Monday, June 18, 2007

Server management 101 -part 1: Website directory structures and Identifying folder sizes

Since getting our own dedicated server a couple of years ago we’ve had a fairly step learning curve which a lot of the time has been a tad hit-and-miss (never at the detriment of our customers I might add). Luckily we’ve had the superb support of Rackspace behind us but as others may not be so lucky, I thought I would post up a few nuggets we’ve received over the years. As I remember more, I’ll add additional posts.

Domain/Folder organisation

One of the first issues we came across (and I’m sure many people have already got into this position) was the structure of the folders on both the server and development machines. The solution we came up with was to have a common folder –for argument’s sake lets call it “WebsitesFolder”. Within “WebsitesFolder” you then create a new directory for each domain name and finally within that, a folder for each subdirectory i.e. www, blogs etc.

By creating a new folder for each subdomain, you are able to quickly find the correct folder for the domain. Then locally you are able to store the source files outside of the site’s root which will (or should) speed up your FTP transfer process as you won’t need to select which files to upload¹. The structures might then look like this:
Development server

• /domain.com
  • /www/
  • /subdomain/
  • /Source Imagery/
  • /Some Irrelevant Folder/
• /domain2.com
  • /www/

Production server

• /domain.com
  • /www/
  • /subdomain/
• /domain2.com
  • /www/

¹It might also be worth you checking out SyncBackSE which is an excellent FTP client that only uploads files you have changed since the last transfer. It also has the added advantage that it has customisable filters allowing you to ignore source files and folders as _notes, .cs, .vb etc. http://www.2brightsparks.com/syncback/sbse.html

Finding large directories

The other day I noticed that one of our server’s disk space was running a little low but as far as I was aware there was plenty of space left. As we tend to store all client data within set folders I was able to quickly identify that it wasn’t the client folders that was taking all the room so what was?

When you don’t know which folders are taking the space, there are a couple of tools you may find useful. The first I was told about was TreeSize (http://www.jam-software.com/freeware/index.shtml) -a free program that gives you a graphical representation of each folder’s usage:

It then allows you to quickly traverse the directory structure and identify the offending directory. There’s a load more information available through the easy-to-use interface but if all you want is a number it’s a little overkill.

The alternative to TreeSize

A heading? Just for this? Yes –this little tool is the Mac Daddy of directory size info as far as I’m concerned as it’s a free (we like free ;)) command line tool found on Microsoft’s site called “Directory Disk Usage” –DIRUSE.

DIRUSE is really easy to use, simply load up CMD and type in:
diruse /m /* c:\
and you’ll get a report of your chosen folder’s sub folders, related sizes and a count of the files within it. Ok it’s iteration can be a little slow but it gives you all the information you need quickly and easily.

The syntax is as follows:
DIRUSE [/S | /V] [/M | /K | /B] [/C] [/,] [/Q:# [/L] [/A] [/D] [/O]] [/*] DIRS

/S

Specifies whether subdirectories are included in the output.

/V

Output progress reports while scanning subdirectories.  Ignored if /S is specified.

/M

Displays disk usage in megabytes.

/K

Displays disk usage in kilobytes.

/B

Displays disk usage in bytes (default).

/C

Use Compressed size instead of apparent size.

/,

Use thousand separator when displaying sizes.

/L

Output overflows to logfile .\DIRUSE.LOG.

/*

Uses the top-level directories residing in the specified DIRS

/Q:#

Mark directories that exceed the specified size (#) with a "!".

(If /M or /K is not specified, then bytes is assumed.)

/A

Specifies that an alert is generated if specified sizes are exceeded. (The Alerter service must be running.)

/D

Displays only directories that exceed specified sizes.

/O

Specifies that subdirectories are not checked for specified size overflow.

DIRS

Specifies a list of the paths to check –you can use semicolons, commas, or spaces to separate multiple directories if required.

Note: Parameters can be typed in any order. And the '-' symbol can be used in place of the '/' symbol.

Also, if /Q is specified, then return code is ONE if any directories are found that exceed the specified sizes. Otherwise the return code is ZERO.

Example: diruse /s /m /q:1.5 /l /* c:\websitesfolder

Server management 101 -part 1: Website directory structures and Identifying folder sizes

Useful Links:            Comments [0]  Trackback

Tags: Server Maintenance | Server Management | The Site Doctor | Web Development | WebDD