Website denies some crawlers/browsers access but not others - cloudflare

You probably think that this is a misbehaving crawler problem but this CloudFlare website:
Blocks Internet Explorer on Windows 10 desktop (uses Windows API for HTTP)
Allows Edge on Windows 10 desktop (uses Windows API for HTTP?)
Blocks my crawler on Windows using WinInet Windows API for HTTP
Allows my crawler on Mac using Mac API for HTTP
Accordingly to this Internet Explorer 7 on Windows Vista should be support on even free CloudFlare:
https://support.cloudflare.com/hc/en-us/articles/203041594-Cloudflare-SSL-cipher-browser-and-protocol-support
I am in preliminary research phase, but it feels like a certificate issue. I have not experienced this problem before on any website when using Windows 10. (But yes, older versions of Windows can have similar problems to certificate problems)
Any ideas? I have not implemeted HTTP2 part of Windows API - is that a possible explanation? Would just be a bit odd to require that so.... But could possibly explain why Edge and not IE works.

I asked the website owner and the website was setup to only support TLS 1.3 and not accept TLS 1.2 --- TLS 1.3 support is still experimental in Windows 10 (internet options)

Related

IIS can only support three instances of a Blazor server client?

I've download Visual Studio 2022 and tested the default Blazor Server template (Home/Counter/FetchData). In Visual Studio, IIS Express I can open as many tabs / instances of the application as I want.
When I host the default Blazor Server template in local IIS (Windows 10 Home 21H2, IIS 10) I can only open three instance of the application. The fourth will hang until the first is closed. I see someone has ran into nearly the exact same issue but there is no solution provided.
Anyone know whats going on? I don't understand why IIS Express can handle multiple instnaces but IIS 10 can not. Even Conveyor by Keyoti can support many many tabs compared to IIS 10.
Note: I notice SignalR has limitations on Windows / IIS of 10 concurrent connections, but I'm not even getting two.
Updates
Out of curiosity I tested it on Windows Server 2016 Standard and I can open hundreds of tabs.
I re-installed IIS on Windows 10 to make sure something wasn't wacky.
I've ensured WebSocket Protocol is enabled.
Windows 10 Home supports 3 concurrent connections at the same time, according to Microsoft.
Normal HTTP requests to IIS get process and response returned. So even if you manage to achieve 4 or more at the same time, IIS will work through the request queue and you may not have noticed that your request was slightly delayed unless your individual requests take a while to process.
However with SignalR, a persistent connection is maintained to the server. So if you open one connection per browser tab, and you have 4 tabs open, that 4th tab is going to hang indefinitely until one of the other page has its connection ended (by closing the tab, manually disconnecting via code, or refreshing the page).
I can't reproduce the issue, and I have tried to search some way to solve it.I will summarize a few ways below that you can try.
Try to install Websocket Protocol in your Win10. You can find it in Windows features.
Workaround: install IIS Express in Web Platform Installer.
Workaround: Try to deploy it in windows server, and check whether have same issue. I found some posts also mentioned it may related with OS version.
The solution was incredibly simple (maybe too simple?). Don't use IIS at all.
In Program.cs just before building the app I override Kestrel ports to listen on any ip (for now).
(Optional) I provide a custom SSL certificate in the UseHttps constructor so that it can be emailed and installed on iOS and Android devices.
(Required) Then I publish the applications to a folder and just run the .exe on the hosting machines.
Program.cs
builder.WebHost.ConfigureKestrel(opt =>
{
opt.ListenAnyIP(8000);
opt.ListenAnyIP(8001, listOpt =>
{
listOpt.UseHttps(#"Path to.pfx file", "password for pfx file");
});
});
Now Windows 10 Home can support as many connections as the hardware can handle at https://192.168.0.XXX:8001. Is this how Blazor Server is expected to be deployed within a local network? I don't understand how this overcomes the connection limit pointed out in masons answer. Please let me know in the comments if I'm missing something.

Ideas on how to get around Windows 11 ARM not supporting IIS

My new Macbook Pro running on an M1 Max (ARM) chip just came in. I installed Parallels and Windows 11 Preview for ARM, and Visual Studio installs / launches / builds my solution beautifully. Unfortunately the turn windows features on or off dialog doesn't have the option for installing IIS, and others have posted that this is not supported in Windows 11 for ARM.
Our dev team runs multiple ASP.NET Core 3.1 websites locally under IIS using subdomains, e.g.: https://auth-dev.mydomain.com, https://web-dev.mydomain.com, https://webapi-dev.mydomain.com. This was easy to set up in IIS using the bindings dialog, I could specify for port 443 (https) to use a certain subdomain and our dev SSL certificate.
Now I need to figure out how to make this work on Windows 11 ARM. Developing on an inferior non-Macbook Pro laptop doesn't seem like a great solution for .NET devs, I have to assume others with M1 chip Macbook Pros have run into this same issue. What are my options?
I first started looking into using IIS Express, but it seems like every website has to run on a different port, whereas I need them all to run on port 80 (just with different subdomains.) I'd be fine with them running on different ports if there was a way to forward those various ports to the subdomains, but it doesn't seem like the windows HOSTS file supports that.
I also looked into using the Apache web server for Windows, but I read somewhere that it doesn't support running ASP.NET Core apps.
OS build 22563.1 supports IIS. I'm not sure if this is the first build that supports it, but I checked after the last automatic windows update and the IIS features are available; they were not before. I am on a m1 Mac using Parallels with the Windows Insider Preview ARM image.
Edition: Windows 11 Pro OS
Build: 22563.1
Experience: Windows Feature
Experience Pack 1000.22563.1.0
I'm using Windows 11 & IIS Express on a MacBook Pro M1 Max (via Parallels) and it is working fine. Of course, for developing environment!
You can download IIS Express from
https://www.microsoft.com/download/details.aspx?id=48264
You can download the ASP.NET Core Runtime or .NET 5.0 SDK to allow you run to run ASP.NET applications on Windows, Mac or Linux.
See https://support.microsoft.com/en-us/windows/downloads-for-windows-32490f9b-01ee-c13e-b2af-b5057c2d34e8

Is there a way to securely transmit data from Windows Mobile 6.5 over the Internet?

I have an application in C++ that needs to transmit data securely via web services to our web server.
VPN was the first choice, but out network administrator informs us that we will not support the IPSEC protocols available on Windows Mobile.
Currently we have tried implementing a SSL connection, but found we don't have the libraries for that.
Alternatively, we have been trying PocketPutty to create a SSH tunnel, but that only has a GUI interface, and we're not sure how to get that to work via programming code.
Thank you
OpenSSL supports Windows CE.
SSL 2.0 has been supported since at least CE 5.0.
SecureBlackBox is also supported.

IE8 in Windows XP vs Windows 7 pulls different security certificate.

I am having a strange problem. When you view one of our websites under IE8 XP it pulls the wrong security certificate from the server.
When I view the same website in IE8 on Windows 7 it pulls the correct security certificate.
Same exact url: https://aframe.insurancehelper.com/
I am not sure how to debug this. Does XP identify itself differently than Win7 and every other OS?
Let me know if I can supply any additional information that would be helpful.
The sever is using Apache 2.2.
It's likely caused by using multiple SSLs on one IP via Apache. From what I've seen the only way to overcome this is via a unique IP per SSL. More detail can be found below.
This is only an issue for IE in XP too. If you're willing to ignore that minor segment of users you could continue as normal, place a warning on the site that IE8 and below users, that they should switch to a more up to date and secure browser.
http://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm

How to implement a SSL server on Windows CE

I need to implement a server running on Windows CE 5.0 that shall communicate on a secure connection. To implement a secure connection SSL looks like a good choice.
The Windows CE 5.0 Winsock implementation allows to implement all the SLL stuff using the Winsock Secure Sockets. But the problem is that the referred site states:
SSL does not support the following Winsock functionality ... "Calls to the accept function".
How can I implement a SSL secured server when accept will not work? What other options do I have to implement a secure connection to a Windows CE 5.0 device?
Edit: My current application implementation is in C++. So I would prefer an approach that use the Windows API or a C++ library.
We ported the Mentalis Secure Socket Library to the Compact Framework for when we needed SSL. It was fairly painless, though not without its bugs.
MatrixSSL supports Windows CE:
MatrixSSLâ„¢ is an embedded SSL and TLS implementation designed for
small footprint applications and devices. Available is a fully
supported, commercial version as well as an open source version that
is available for download. MatrixSSL allows secure management of
remote devices. Several secure embedded Web servers also use MatrixSSL
for their encryption layer.
MatrixSSL has been ported to operating systems including
FreeRTOS, Bare Metal, eCos, VxWorks, uClinux, eCos, FreeRTOS, ThreadX,
WindowsCE, PocketPC, Palm, pSOS, SMX, BREW, MacOS X, Linux and
Windows.