Once you have secured your files and assigned user access and recovery agents, you should take steps to aid in data recovery in the event that something happens to your user account. First, you should back up your encryption key and then your user certificate.
Backing Up Your EFS Key
1. Click the Start button and choose Run...
2. Type mmc and click OK.
3. On the File menu, choose Add/Remove Snap-in and then click Add.
4. Under Available Standalone Snap-ins, click Certificates, and then click Add.
5. On the Certificates snap-in dialog, select My user account and then click Finish.
6. Click Close and OK to finish installing the new snap-in.
7. In the left pane of the console window you will see a new heading has been created on the tree display. Click the plus sign next to Certificates - Current User to expand it.
8. Next expand Personal and then expand Certificates.
9. In the right pane, select the entry that says File Recovery in the Intended Use column.
10. Right-click the certificate you just found, point to All Tasks and then click Export to start the Certificate Export Wizard.
11. Click Next.
12. Select Yes, export the private key and click Next.
13. Select Personal Information Exchange - PKCS #12 (.PFX) and also select Enable strong protection, and then click Next to continue.
14. Specify a password. (Note: this is the password that will be required to reinstall you backup. Make sure to pick a strong password that you will remember. I recommend choosing a password that is different from your Windows login password.)
15. Specify a filename and location to save the exported key. I recommend using your Windows user name for the filename and saving it to a removable storage device such as a floppy disk or USB thumb drive. You may also burn the file to a CD.
16. Verify the settings and then click Finish.
17. In the future you will not have to add the Certificates snap-in. Instead you will be able to start at step 7.
Backing Up Your EFS Certificate
1. Start Microsoft Internet Explorer.
2. On the Tools menu, click Internet Options.
3. On the Content tab, in the Certificates section, click Certificates.
4. Click the Personal tab.
5. Select one certificate at a time until the Certificate Intended Purposes field shows Encrypting File System. This is the certificate that was generated when you encrypted your first folder.
6. Click Export to start the Certificate Export Wizard, and then click Next.
7. Click Yes, export the private key to export the private key, and then click Next.
8. Click Enable Strong protection, and then click Next.
9. Type your password. (I recommend not using your Windows password.)
10. Specify the path where you want to save the key. You can save the key to a floppy disk, another location on the hard disk, or a CD. If the hard disk fails or is reformatted, the key and the backup will be lost. (If you back up the key to a floppy disk or CD, you must store that disk or CD in a secure location.)
11. Specify the destination, and then click Next.
Windows 2003 users have the option to backup using a button on the Details page under Advanced Properties when encrypting a file.
Remember to store your encryption key and certificate in a safe place, preferably on removable media.
Finally, you may wish to step up the protection that EFS offers by using the stronger 3DES algorithm. Don't worry about enabling this after encrypting other files. You will still be able to access files that were encrypted with the default DESX algorithm.
Enabling Advanced Encryption By Using 3DES
1. Click the Start button and choose Run...
2. Type gpedit.msc and click OK to start the Group Policy Editor.
3. In the left pane navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options.
4. Open the System Cryptography: Use FIPS compliant algorithms for encryption object. (Note that this settings applies to EFS and IPSec).
5. Select enabled and click OK.
Despite its own shortcomings, Encrypted File System still provides a fairly high level of data security. In the digital age, you can't be too safe. It's always a good idea to take advantage of the file protection features that Windows provides. In the event that your system is compromised or stolen, you can have the peace of mind of knowing that your data will be returned intact and unadulterated.
In a future article we will examine the new data protection features being offered in Microsoft Vista. As you will see, Microsoft's dedication to data security is paramount in its latest release.
DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.
Implementing EFS
The first step in implementing Encrypted File System is to encrypt the files you would like to protect. This is done very easily and Microsoft has integrated the feature into the Windows shell.
Encrypting a File or Folder with EFS
1. Browse to a file or folder in either My Computer or Explorer, right-click and choose Properties...
2. Click the Advanced... button.
3. Put a check mark in the box that says Encrypt contents to secure data and click OK.
4. Click OK to close the Properties dialog.
5. If you are changing a folder that already contains files, you will receive a confirmation dialog. Click OK.
You can easily distinguish between encrypted and unencrypted files in My Computer or Windows Explorer. Encrypted files will be listed in green. This allows you to tell at a glance whether or not your files are still secure. It's also worth noting that encryption can be added in conjunction with other file attributes.
Next, you need to determine if any other users should be allowed access. If so, they need to be added.
Allowing Multiple User Access to Protected Files
1. Right-click the file and choose Properties...
2. Click Advanced and then click Details.
3. Click the Add button to allow additional users.
While setting up additional users, you should also take the time to select your Data Recovery Agents. This will help prevent data loss as I described earlier in this article.
The Encryption Details dialog box is not available for folder objects. You must allow multiple users and select recovery agents on a file-by-file basis.
Encrypting a File or Folder with EFS
1. Browse to a file or folder in either My Computer or Explorer, right-click and choose Properties...
2. Click the Advanced... button.
3. Put a check mark in the box that says Encrypt contents to secure data and click OK.
4. Click OK to close the Properties dialog.
5. If you are changing a folder that already contains files, you will receive a confirmation dialog. Click OK.
You can easily distinguish between encrypted and unencrypted files in My Computer or Windows Explorer. Encrypted files will be listed in green. This allows you to tell at a glance whether or not your files are still secure. It's also worth noting that encryption can be added in conjunction with other file attributes.
Next, you need to determine if any other users should be allowed access. If so, they need to be added.
Allowing Multiple User Access to Protected Files
1. Right-click the file and choose Properties...
2. Click Advanced and then click Details.
3. Click the Add button to allow additional users.
While setting up additional users, you should also take the time to select your Data Recovery Agents. This will help prevent data loss as I described earlier in this article.
The Encryption Details dialog box is not available for folder objects. You must allow multiple users and select recovery agents on a file-by-file basis.
How EFS works
By default EFS uses DESX (56-bit) in Windows 2000 and DESX (128-bit) in Windows XP. Windows XP SP1 and higher use AES (256-bit) by default. Optionally 3DES (168-bit) in Windows XP and Windows 2003 (and Windows 2000 with High Encryption Pack) may be used.
All of these algorithms make use of a random cipher key so they present a fairly strong encryption. The Average Joe is not going to crack this thing in any reasonable amount of time. Also note that 3DES complies with Federal Information Processing Standards (FIPS 140-1 Level 1) and is significantly stronger than the default DESX encryption. You have to enable the use of 3DES. I'll show you that later in this article as well.
Keep in mind that EFS works off of your Windows account credentials. The stronger your Windows password, the more secure your encryption is going to be.
Even with its higher level of protection, EFS is not without limitations. If your logon credentials ever become compromised, EFS can be rendered fairly useless. EFS also works with a file's ACL provided by NTFS. Since EFS is dependent upon the file system, copying an EFS protected file to a non-NTFS volume will effectively remove its security as well.
Even copying a file across NTFS volumes in Windows will remove its protection. So EFS alone is not enough. To properly secure your data, you must also set up the proper access control policies as well.
In the event that you lose your EFS key backup or the encrypting account becomes corrupted, you can assign another user to act as a Data Recovery Agent. This is required in Windows 2000 and it defaults to the Domain Administrator in a domain environment. Selecting a DRA is optional in Windows XP.
All of these algorithms make use of a random cipher key so they present a fairly strong encryption. The Average Joe is not going to crack this thing in any reasonable amount of time. Also note that 3DES complies with Federal Information Processing Standards (FIPS 140-1 Level 1) and is significantly stronger than the default DESX encryption. You have to enable the use of 3DES. I'll show you that later in this article as well.
Keep in mind that EFS works off of your Windows account credentials. The stronger your Windows password, the more secure your encryption is going to be.
Even with its higher level of protection, EFS is not without limitations. If your logon credentials ever become compromised, EFS can be rendered fairly useless. EFS also works with a file's ACL provided by NTFS. Since EFS is dependent upon the file system, copying an EFS protected file to a non-NTFS volume will effectively remove its security as well.
Even copying a file across NTFS volumes in Windows will remove its protection. So EFS alone is not enough. To properly secure your data, you must also set up the proper access control policies as well.
In the event that you lose your EFS key backup or the encrypting account becomes corrupted, you can assign another user to act as a Data Recovery Agent. This is required in Windows 2000 and it defaults to the Domain Administrator in a domain environment. Selecting a DRA is optional in Windows XP.
Advanced Data Protection in Windows
In my last article I gave an introduction to basic data protection methods available in Windows. The methods I outlined provide a moderate level of protection that, due to their inherent shortcomings, may not be enough. For those who require a higher level of security, Windows provides two more methods of protecting your data.
Both of the advanced methods I'll be describing utilize encryption. In layman's terms, encrypting a file scrambles its contents and rewrites it to the drive. It can only be unscrambled if the proper credentials are provided.
The effectiveness of file encryption is dependent upon the algorithm being used and the strength of the encryption key that is provided. However, without the necessary encryption key, a file is effectively unreadable. Since this method of protection does not rely on the operating system, it provides a much more secure form of data protection.
The method I'll be covering in this article is an NTFS feature known as Encrypted File System. This encryption method is built into the file system and is available to any operating system that supports NTFS. By default, this is Windows 2000 and newer.
In Windows 2000 and Windows XP, EFS is only available in the Professional editions. This is because the home versions use a different NTFS driver that lacks support for EFS. Newer versions of Windows support EFS in all versions.
Encrypted File System in Windows relies on your user information to create the encryption key. It creates a sort of password hash based on your account SID. This is important to remember, because if you change accounts you will no longer have access to your files. I'll describe how to back up your key later in this article in case something goes awry.
In Windows, EFS must be enabled on a file-by-file basis. (Encrypting a folder actually applies EFS to each of the child files.) In its original design, you were only able to encrypt files under your own user directory. Now, however, you can encrypt any file based on your account credentials.
Both of the advanced methods I'll be describing utilize encryption. In layman's terms, encrypting a file scrambles its contents and rewrites it to the drive. It can only be unscrambled if the proper credentials are provided.
The effectiveness of file encryption is dependent upon the algorithm being used and the strength of the encryption key that is provided. However, without the necessary encryption key, a file is effectively unreadable. Since this method of protection does not rely on the operating system, it provides a much more secure form of data protection.
The method I'll be covering in this article is an NTFS feature known as Encrypted File System. This encryption method is built into the file system and is available to any operating system that supports NTFS. By default, this is Windows 2000 and newer.
In Windows 2000 and Windows XP, EFS is only available in the Professional editions. This is because the home versions use a different NTFS driver that lacks support for EFS. Newer versions of Windows support EFS in all versions.
Encrypted File System in Windows relies on your user information to create the encryption key. It creates a sort of password hash based on your account SID. This is important to remember, because if you change accounts you will no longer have access to your files. I'll describe how to back up your key later in this article in case something goes awry.
In Windows, EFS must be enabled on a file-by-file basis. (Encrypting a folder actually applies EFS to each of the child files.) In its original design, you were only able to encrypt files under your own user directory. Now, however, you can encrypt any file based on your account credentials.
Cleaning Out Your Programs in XP
Keeping your system clean is as important as anything you can do to achieve optimal performance from your computer. A cluttered computer can be one of the biggest hindrances when it comes to system functionality. So if you find it takes more time to open and run a program than it should, this article will offer a few beginner's tips for cleaning out Windows XP.
I wrote an article recently on ASP Free discussing a few simple ways to make your system run faster using the Task Manager on Windows XP. Most of the methods offered a temporary fix for when you are running multiple programs at once and need to prioritize your time in some way. However, doing a complete overhaul of your system can provide numerous long term benefits. The only thing you need to determine is whether your system actually needs cleaning (hint: it does).
It's hard to find someone with a computer who doesn't use it on some sort of regular basis, whether it be at work or at home. It's hard to find someone without a computer period. And even minimal use can result in some old files creating a backlog in your system. The point is, a quick dust up can never hurt. Still not convinced? Here are some of the pros and a few of the cons (just a few) of cleaning up XP on your computer.
Pros
First of all, there's the obvious issue of speed. A clean system will run faster than one cluttered with useless programs and old data. Then there's efficiency. How long does it take you to find the program or file you want to run after searching through the vast layers of your start menu, or worse, the Windows search tool? It can also save you money by creating more space on your hard drive, instead of having to go out and get a new one. The fact is you will have a lot less to worry about if you know there isn't some rogue virus hiding in the deepest depths of your system. The chances of a sudden crash or loss of data decrease dramatically with a tidy system.
Cons
If you're like me (lazy), then you'll probably want to know how long this is going to take. Naturally, that depends on the mess you've made in your system, but even the smallest mess will take at least an hour to completely clean. As for a large mess, well let's just say you'd better have easy access to a fridge and a toilet. Then there's the fact that you may not know how to use all the tools needed to clean your computer. Don't worry though, at least for this article. The techniques I discuss are unbelievably basic, but essential. Hopefully it won't be too much of a chore, at least not yet.
I wrote an article recently on ASP Free discussing a few simple ways to make your system run faster using the Task Manager on Windows XP. Most of the methods offered a temporary fix for when you are running multiple programs at once and need to prioritize your time in some way. However, doing a complete overhaul of your system can provide numerous long term benefits. The only thing you need to determine is whether your system actually needs cleaning (hint: it does).
It's hard to find someone with a computer who doesn't use it on some sort of regular basis, whether it be at work or at home. It's hard to find someone without a computer period. And even minimal use can result in some old files creating a backlog in your system. The point is, a quick dust up can never hurt. Still not convinced? Here are some of the pros and a few of the cons (just a few) of cleaning up XP on your computer.
Pros
First of all, there's the obvious issue of speed. A clean system will run faster than one cluttered with useless programs and old data. Then there's efficiency. How long does it take you to find the program or file you want to run after searching through the vast layers of your start menu, or worse, the Windows search tool? It can also save you money by creating more space on your hard drive, instead of having to go out and get a new one. The fact is you will have a lot less to worry about if you know there isn't some rogue virus hiding in the deepest depths of your system. The chances of a sudden crash or loss of data decrease dramatically with a tidy system.
Cons
If you're like me (lazy), then you'll probably want to know how long this is going to take. Naturally, that depends on the mess you've made in your system, but even the smallest mess will take at least an hour to completely clean. As for a large mess, well let's just say you'd better have easy access to a fridge and a toilet. Then there's the fact that you may not know how to use all the tools needed to clean your computer. Don't worry though, at least for this article. The techniques I discuss are unbelievably basic, but essential. Hopefully it won't be too much of a chore, at least not yet.
Differences Between VBScript and JavaScript
When calling a VBScript or a JavaScript procedure from an ASP file written in VBScript, you can use the "call" keyword followed by the procedure name. If a procedure requires parameters, the parameter list must be enclosed in parentheses when using the "call" keyword. If you omit the "call" keyword, the parameter list must not be enclosed in parentheses. If the procedure has no parameters, the parentheses are optional.
When calling a JavaScript or a VBScript procedure from an ASP file written in JavaScript, always use parentheses after the procedure name.
When calling a JavaScript or a VBScript procedure from an ASP file written in JavaScript, always use parentheses after the procedure name.
ASP Variables
Lifetime of Variables
A variable declared outside a procedure can be accessed and changed by any script in the ASP file.
A variable is used to store information.
If the variable is declared outside a procedure it can be changed by any script in the ASP file. If the variable is declared inside a procedure, it is created and destroyed every time the procedure is executed.
A variable declared inside a procedure is created and destroyed every time the procedure is executed. No scripts outside the procedure can access or change the variable.
To declare variables accessible to more than one ASP file, declare them as session variables or application variables.
Session Variables
Session variables are used to store information about ONE single user, and are available to all pages in one application. Typically information stored in session variables are name, id, and preferences.
Application Variables
Application variables are also available to all pages in one application. Application variables are used to store information about ALL users in a specific application.
A variable declared outside a procedure can be accessed and changed by any script in the ASP file.
A variable is used to store information.
If the variable is declared outside a procedure it can be changed by any script in the ASP file. If the variable is declared inside a procedure, it is created and destroyed every time the procedure is executed.
A variable declared inside a procedure is created and destroyed every time the procedure is executed. No scripts outside the procedure can access or change the variable.
To declare variables accessible to more than one ASP file, declare them as session variables or application variables.
Session Variables
Session variables are used to store information about ONE single user, and are available to all pages in one application. Typically information stored in session variables are name, id, and preferences.
Application Variables
Application variables are also available to all pages in one application. Application variables are used to store information about ALL users in a specific application.
Run ASP on Your PC
You can run ASP on your own PC without an external server. To do that, you must install Microsoft's Personal Web Server (PWS) or Internet Information Services (IIS) on your PC.
How to Run ASP on your own PC
You can run ASP on your own PC without an external server. To do that, you must install Microsoft's Personal Web Server (PWS) or Internet Information Services (IIS) on your PC.
If you are serious about using ASP, you should have at least Windows 98, Second Edition.
If you are really serious about using ASP, you should go for Windows 2000.
How to install PWS and run ASP on Windows 95
Personal Web Server (PWS) is not shipped with Windows 95 !!
To run ASP on Windows 95, you will have to download "Windows NT 4.0 Option Pack" from Microsoft.
Download the "Windows NT 4.0 Option Pack"
How to install PWS and run ASP on Windows NT
Personal Web Server (PWS) is not shipped with Windows NT !!
To run ASP on Windows NT, you will have to download "Windows NT 4.0 Option Pack" from Microsoft.
Download the "Windows NT 4.0 Option Pack"
How to install PWS and run ASP on Windows 98
1. Open the Add-ons folder on your Windows98 CD, find the PWS folder and run the setup.exe file.
2. An Inetpub folder will be created on your harddrive. Open it and find the wwwroot folder.
3. Create a new folder, like "MyWeb", under wwwroot.
4. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder.
5. Make sure your Web server is running - The installation program has added a new icon on your task bar (this is the PWS symbol). Click on the icon and press the Start button in the window that appears.
6. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page.
How to install PWS and run ASP on Windows ME
Personal Web Server (PWS) is not included with Windows Me !!
Read article from Microsoft
A workaround!
How to install IIS and run ASP on Windows 2000
1. From your Start Button, go to Settings, and Control Panel
2. In the Control Panel window select Add/Remove Programs
3. In the Add/Remove window select Add/Remove Windows Components
4. In the Wizard window check Internet Information Services, click OK
5. An Inetpub folder will be created on your harddrive
6. Open the Inetpub folder, and find a folder named wwwroot
7. Create a new folder, like "MyWeb", under wwwroot.
8. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder
9. Make sure your Web server is running - The installation program has added a new icon on your task bar (this is the IIS symbol). Click on the icon and press the Start button in the window that appears.
10. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page
How to install IIS and run ASP on Windows XP Professional
Note: You cannot run ASP on Windows XP Home Edition.
1. Insert the Windows XP Professional CD-Rom into your CD-Rom Drive
2. From your Start Button, go to Settings, and Control Panel
3. In the Control Panel window select Add/Remove Programs
4. In the Add/Remove window select Add/Remove Windows Components
5. In the Wizard window check Internet Information Services, click OK
6. An Inetpub folder will be created on your harddrive
7. Open the Inetpub folder, and find a folder named wwwroot
8. Create a new folder, like "MyWeb", under wwwroot.
9. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder
10. Make sure your Web server is running - its status can be checked by going into the Control Panel, then Administrative Tools, and double-click the "IIS Manager" icon
11. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page
How to install IIS and run ASP on Windows Server 2003 (Windows .NET Server)
1. When you start the Windows Server 2003, you should see the Manage Your Server wizard
2. If the wizard is not displayed, go to Administrative Tools, and select Manage Your Server
3. In the wizard, click Add or Remove a Role, click Next
4. Select Custom Configuration, click Next
5. Select Application Server role, click Next
6. Select Enable ASP.NET, click Next
7. Now, the wizard may ask for the Server 2003 CD. Insert the CD and let it run until it is finished, then click the Finish button
8. The wizard should now show the Application Server role installed
9. Click on Manage This Application Server to bring up the Application Server Management Console (MMC)
10. Expand the Internet Information Services (IIS) Manager, then expand your server, and then the Web Sites folder
11. You should see the Default Web Site, and it should not say (Stopped)
12. IIS is running!
13. In the Internet Information Services (IIS) Manager click on the Web Service Extensions folder
14. Here you will see that Active Server Pages are Prohibited (this is the default configuration of IIS 6)
15. Highlight Active Server Pages and click the Allow button
16. ASP is now active!
How to Run ASP on your own PC
You can run ASP on your own PC without an external server. To do that, you must install Microsoft's Personal Web Server (PWS) or Internet Information Services (IIS) on your PC.
If you are serious about using ASP, you should have at least Windows 98, Second Edition.
If you are really serious about using ASP, you should go for Windows 2000.
How to install PWS and run ASP on Windows 95
Personal Web Server (PWS) is not shipped with Windows 95 !!
To run ASP on Windows 95, you will have to download "Windows NT 4.0 Option Pack" from Microsoft.
Download the "Windows NT 4.0 Option Pack"
How to install PWS and run ASP on Windows NT
Personal Web Server (PWS) is not shipped with Windows NT !!
To run ASP on Windows NT, you will have to download "Windows NT 4.0 Option Pack" from Microsoft.
Download the "Windows NT 4.0 Option Pack"
How to install PWS and run ASP on Windows 98
1. Open the Add-ons folder on your Windows98 CD, find the PWS folder and run the setup.exe file.
2. An Inetpub folder will be created on your harddrive. Open it and find the wwwroot folder.
3. Create a new folder, like "MyWeb", under wwwroot.
4. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder.
5. Make sure your Web server is running - The installation program has added a new icon on your task bar (this is the PWS symbol). Click on the icon and press the Start button in the window that appears.
6. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page.
How to install PWS and run ASP on Windows ME
Personal Web Server (PWS) is not included with Windows Me !!
Read article from Microsoft
A workaround!
How to install IIS and run ASP on Windows 2000
1. From your Start Button, go to Settings, and Control Panel
2. In the Control Panel window select Add/Remove Programs
3. In the Add/Remove window select Add/Remove Windows Components
4. In the Wizard window check Internet Information Services, click OK
5. An Inetpub folder will be created on your harddrive
6. Open the Inetpub folder, and find a folder named wwwroot
7. Create a new folder, like "MyWeb", under wwwroot.
8. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder
9. Make sure your Web server is running - The installation program has added a new icon on your task bar (this is the IIS symbol). Click on the icon and press the Start button in the window that appears.
10. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page
How to install IIS and run ASP on Windows XP Professional
Note: You cannot run ASP on Windows XP Home Edition.
1. Insert the Windows XP Professional CD-Rom into your CD-Rom Drive
2. From your Start Button, go to Settings, and Control Panel
3. In the Control Panel window select Add/Remove Programs
4. In the Add/Remove window select Add/Remove Windows Components
5. In the Wizard window check Internet Information Services, click OK
6. An Inetpub folder will be created on your harddrive
7. Open the Inetpub folder, and find a folder named wwwroot
8. Create a new folder, like "MyWeb", under wwwroot.
9. Use a text editor to write some ASP code, save the file as "test1.asp" in the "MyWeb" folder
10. Make sure your Web server is running - its status can be checked by going into the Control Panel, then Administrative Tools, and double-click the "IIS Manager" icon
11. Open your browser and type in "http://localhost/MyWeb/test1.asp", to view your first ASP page
How to install IIS and run ASP on Windows Server 2003 (Windows .NET Server)
1. When you start the Windows Server 2003, you should see the Manage Your Server wizard
2. If the wizard is not displayed, go to Administrative Tools, and select Manage Your Server
3. In the wizard, click Add or Remove a Role, click Next
4. Select Custom Configuration, click Next
5. Select Application Server role, click Next
6. Select Enable ASP.NET, click Next
7. Now, the wizard may ask for the Server 2003 CD. Insert the CD and let it run until it is finished, then click the Finish button
8. The wizard should now show the Application Server role installed
9. Click on Manage This Application Server to bring up the Application Server Management Console (MMC)
10. Expand the Internet Information Services (IIS) Manager, then expand your server, and then the Web Sites folder
11. You should see the Default Web Site, and it should not say (Stopped)
12. IIS is running!
13. In the Internet Information Services (IIS) Manager click on the Web Service Extensions folder
14. Here you will see that Active Server Pages are Prohibited (this is the default configuration of IIS 6)
15. Highlight Active Server Pages and click the Allow button
16. ASP is now active!
Search Engine Optimisation (SEO) Tips
There a millions of web sites on the Internet, with 1000's more being added every day.
One of the best ways of finding any of these web sites is by using search engines, but you type anything into a search engine you are likely to get 1000's of search results, and how many times do you look beyond the second page of search results? Not very often I guess.
Well what you need to do is to try and get your web site listed as high as possible in the results and there are a number of things you can do to help.
To see how many Untitled Documents there are out there, all you need to do is type Untitled Document into a search on Google, when I tried it returned 44,600,000 search results. When you look at the pages found, Untitled Document, is not going to make you want to visit that page.
It is best to use the title for your page that describes the content of your page as much as possible in the most descriptive way. For example, if you were looking for a page that sells Crystal Wine Glasses and the search engine title for the page said Glasses it could mean the page contained anything from Sunglasses to Beer Glasses.
Meta tags are used by almost all search engines to index your page and contain items such as page description and keywords.
The description meta tag is very often used by a search engine to display a sort description of what your web page contains. Some search engines look at the keywords entered into the keywords meta tag and will use this to display your page in the search results if it is one of the words used in the search criteria.
For more information on Meta Tags look at the Meta Tags Optimisation Tutorial.
Some search engines will even index your entire page. To try and trick search engines some people enter hundreds of keywords into the bottom of the page but in the same colour as the background so they can't be seen by the user, but they can by the search engine spider. This is known as spamming and many search engines are clever enough these days to see this and will actually put your site lower in the listings or black list it altogether.
Where possible try not to use images that contain text as what maybe easily visible to you won't be able to be indexed by a search engine.
With this in mind it is worth searching the Internet for other web sites on the same topic as your own. Many of these sites will have link pages and even if they don't its worth asking the web site owner if they could link to your web site.
The more links to your site the better as I find many sites get more visitors from other sites linking to them than come through search engines anyway.
To help over come this problem place your main homepage into the noframes part of the document that opens all your frames. The noframes part of the page is for those browsers that can't handle frames, but as most nowadays do your web site visitors will never see what is in this part of the document.
To help index other pages on your site it is also worth placing links in the noframes part of the document as this will allow the search engine spider to find other pages on your site and index them.
Frames do cause allot of problems and not just when indexing your site, what happens if someone clicks onto a link which takes them into only one frame on your site, they may not be able to view any navigation controls and so will not be able to go to other parts of your site. I would recommend, where possible not to use a frames on your site.
One of the best ways of finding any of these web sites is by using search engines, but you type anything into a search engine you are likely to get 1000's of search results, and how many times do you look beyond the second page of search results? Not very often I guess.
Well what you need to do is to try and get your web site listed as high as possible in the results and there are a number of things you can do to help.
Page Title
Make sure each page on your web site has a title in the head of the document. Many search engines use the title of the web page as the link to your site, so it is important that your title be as relevant and descriptive as possible.To see how many Untitled Documents there are out there, all you need to do is type Untitled Document into a search on Google, when I tried it returned 44,600,000 search results. When you look at the pages found, Untitled Document, is not going to make you want to visit that page.
It is best to use the title for your page that describes the content of your page as much as possible in the most descriptive way. For example, if you were looking for a page that sells Crystal Wine Glasses and the search engine title for the page said Glasses it could mean the page contained anything from Sunglasses to Beer Glasses.
Meta Tags
Meta tags are one of the most important parts of a web page when it is indexed by a search engine.Meta tags are used by almost all search engines to index your page and contain items such as page description and keywords.
The description meta tag is very often used by a search engine to display a sort description of what your web page contains. Some search engines look at the keywords entered into the keywords meta tag and will use this to display your page in the search results if it is one of the words used in the search criteria.
For more information on Meta Tags look at the Meta Tags Optimisation Tutorial.
Page Content
A number of search engines will index the first few lines of your web page, so try to make a the first few lines as descriptive as possible.Some search engines will even index your entire page. To try and trick search engines some people enter hundreds of keywords into the bottom of the page but in the same colour as the background so they can't be seen by the user, but they can by the search engine spider. This is known as spamming and many search engines are clever enough these days to see this and will actually put your site lower in the listings or black list it altogether.
Hyperlinks
Try to place as many descriptive text links in your homepage to other relevant pages in your site as possible as search engines will use these links to index the other pages on your site.Images
Most sites these days contain images, so it is important that you use the alt tag on any images to try and describe as much as possible what the image is of. Not only will this help index your site better but it will also help those visitors to your site who are visually impaired.Where possible try not to use images that contain text as what maybe easily visible to you won't be able to be indexed by a search engine.
Links to Your Site
Many search engines, including Google, will return your web site higher in search results by the amount of web sites that link to your site, also the higher the profile of the site that links to yours, the higher your listing is in search results again.With this in mind it is worth searching the Internet for other web sites on the same topic as your own. Many of these sites will have link pages and even if they don't its worth asking the web site owner if they could link to your web site.
The more links to your site the better as I find many sites get more visitors from other sites linking to them than come through search engines anyway.
Sites Using Frames
Frames tend to cause search engine spiders allot of problems when indexing your site as many won't recognise the document that opens up your frames and so wont index your pages.To help over come this problem place your main homepage into the noframes part of the document that opens all your frames. The noframes part of the page is for those browsers that can't handle frames, but as most nowadays do your web site visitors will never see what is in this part of the document.
To help index other pages on your site it is also worth placing links in the noframes part of the document as this will allow the search engine spider to find other pages on your site and index them.
Frames do cause allot of problems and not just when indexing your site, what happens if someone clicks onto a link which takes them into only one frame on your site, they may not be able to view any navigation controls and so will not be able to go to other parts of your site. I would recommend, where possible not to use a frames on your site.
ASP Web Based Email Using Microsoft's CDONTS
If you are reading this page then I shall assume that you already know a little bit about ASP and running ASP applications.
The download to this tutorial has 4 working examples of Web Wiz Email Form's (CDONTS) which you can use to allow your web site visitors to send their comments or enquiries to your e-mail address or send e-mails to their own friends form your site.
However, I not going to go into how the form is written as it uses standard HTML and JavaScript to capture the users details. Instead I'm going to concentrate on the actual methods and properties the CDONTS NewMail object uses to format and then send the email.
CDONTS stands for 'Collaboration Data Objects for Windows NT Server' and as the name suggest it is for NT, sorry Win9x users you don't have this component. The CDONTS component is installed when you install IIS on NT4 and Windows 2000. Although the component will run on Windows XP, Microsoft have decided to remove the component from IIS 5.1 on Windows XP, so you will have to track down a copy of the cdonts.dll and register it on the IIS web server.
To use this component to send e-mail you also need the SMTP Server that ships with IIS 4 or 5 installed on the web server. The SMTP server is usually installed by default with the standard IIS installation.
First we need to create the variables that we are going to be using in this script.
<% 'Dimension variables Dim objCDOMail 'Holds the CDONTS NewMail Object Next we need to create an instance of the 'CDONTS NewMail' object on the server. 'Create the e-mail server object Set objCDOMail = Server.CreateObject("CDONTS.NewMail") Once the 'NewMail' object has been created on the server we can use various properties and methods of the 'NewMail' object to build the e-mail. First we are going to use the 'From' property to let the recipient of the e-mail know who the e-mail is from. If you leave this property out or do not have a properly format e-mail address the e-mail will fail. 'Who the e-mail is from objCDOMail.From = "myE-mailHere@myDomain.com" Now we need to place a string value representing the e-mail address of the person you want to receive the e-mail into the 'To' property of the 'NewMail' object. 'Who the e-mail is sent to objCDOMail.To = "theirEmail@theirDomain.com" The next property 'Cc' holds the e-mail address of the people you wish to receive Carbon Copies of the e-mail. You can place one or more recipient e-mail addresses separated by either a comma (,) or a semicolon (;). Make sure all the e-mail address are properly formatted or the e-mail will fail. This property can be left out if you don't want any carbon copies of the e-mail sent. 'Who the carbon copies are sent to objCDOMail.Cc = "myFriend1@theirDomain.com;myFriend2@anotherDomain.com" The 'Bcc' property holds the e-mail address of the people you wish to receive Blind Copies of the e-mail. The formatting of the e-mail addresses is the same as for the 'Cc' property above. Again if you don't want to send any blind copies of the message you can leave this property out. 'Who the blind copies are sent to objCDOMail.Bcc = "myFriend1@theirDomain.com;myFriend2@anotherDomain.com" In the next line we use the 'Subject' property to set the subject of the e-mail. 'Set the subject of the e-mail objCDOMail.Subject = "Enquiry sent from my web site" As well as sending plain text e-mail's you can also format the body of the e-mail using HTML. The default is Text but if you wish to format the e-mail using HTML then you will need to use the 'BodyFormat' property with the integer value of '0' for HTML or '1' for Text. If you leave this property out the e-mail will be sent as plain text format. 'Set the e-mail body format (0=HTML 1=Text) objCDOMail.BodyFormat = 0 If you wish to use HTML formatting in the e-mail, as well as setting the 'BodyFormat' property above to HTML, you will also need to set the 'MailFormat' property to MIME. Again this property uses and integer value of '0' for MIME and '1' for Text. The default is text so if your e-mail is text only you can leave this property out. 'Set the mail format (0=MIME 1=Text) objCDOMail.MailFormat = 0 The next property were covering is the 'Body' property. This property holds the main part of the e-mail with the message you are sending. If you have set the 'BodyFormat' property to HTML and the 'MailFormat' to MIME then you can use HTML to format your e-mail message. 'eg.
This is my e-mail in HTML format'.
If you want to send the e-mail as text then you can just enter text instead. 'eg. Hello This is my e-mail in Text format'.
'Set the main body of the e-mail
objCDOMail.Body = "
This is my e-mail in HTML format"
The 'Importance' property tells the mail messaging system when to schedule delivery of the e-mail.
For this property there is 3 different integer values, 0 - Low, the e-mail will be sent during times of low system use, 1 - Normal, the message is sent at regular delivery times, 2 - High, the system will attempt to send the message immediately.
If this property is left out the default is Normal.
'Importance of the e-mail (0=Low, 1=Normal, 2=High)
objCDOMail.Importance = 1
Once all the properties for the e-mail are set we can now send the e-mail using the 'Send' property.
'Send the e-mail
objCDOMail.Send
Finally once the e-mail has been sent we can close the server object releasing server resources.
'Close the server object
Set objCDOMail = Nothing
%>
There are other methods and properties of the 'NewMail CDONTS' object but to keep things simple I have tried to cover the most common properties needed to send an e-mail from your web site.
The download to this tutorial has 4 working examples of Web Wiz Email Form's (CDONTS) which you can use to allow your web site visitors to send their comments or enquiries to your e-mail address or send e-mails to their own friends form your site.
However, I not going to go into how the form is written as it uses standard HTML and JavaScript to capture the users details. Instead I'm going to concentrate on the actual methods and properties the CDONTS NewMail object uses to format and then send the email.
CDONTS stands for 'Collaboration Data Objects for Windows NT Server' and as the name suggest it is for NT, sorry Win9x users you don't have this component. The CDONTS component is installed when you install IIS on NT4 and Windows 2000. Although the component will run on Windows XP, Microsoft have decided to remove the component from IIS 5.1 on Windows XP, so you will have to track down a copy of the cdonts.dll and register it on the IIS web server.
To use this component to send e-mail you also need the SMTP Server that ships with IIS 4 or 5 installed on the web server. The SMTP server is usually installed by default with the standard IIS installation.
First we need to create the variables that we are going to be using in this script.
<% 'Dimension variables Dim objCDOMail 'Holds the CDONTS NewMail Object Next we need to create an instance of the 'CDONTS NewMail' object on the server. 'Create the e-mail server object Set objCDOMail = Server.CreateObject("CDONTS.NewMail") Once the 'NewMail' object has been created on the server we can use various properties and methods of the 'NewMail' object to build the e-mail. First we are going to use the 'From' property to let the recipient of the e-mail know who the e-mail is from. If you leave this property out or do not have a properly format e-mail address the e-mail will fail. 'Who the e-mail is from objCDOMail.From = "myE-mailHere@myDomain.com" Now we need to place a string value representing the e-mail address of the person you want to receive the e-mail into the 'To' property of the 'NewMail' object. 'Who the e-mail is sent to objCDOMail.To = "theirEmail@theirDomain.com" The next property 'Cc' holds the e-mail address of the people you wish to receive Carbon Copies of the e-mail. You can place one or more recipient e-mail addresses separated by either a comma (,) or a semicolon (;). Make sure all the e-mail address are properly formatted or the e-mail will fail. This property can be left out if you don't want any carbon copies of the e-mail sent. 'Who the carbon copies are sent to objCDOMail.Cc = "myFriend1@theirDomain.com;myFriend2@anotherDomain.com" The 'Bcc' property holds the e-mail address of the people you wish to receive Blind Copies of the e-mail. The formatting of the e-mail addresses is the same as for the 'Cc' property above. Again if you don't want to send any blind copies of the message you can leave this property out. 'Who the blind copies are sent to objCDOMail.Bcc = "myFriend1@theirDomain.com;myFriend2@anotherDomain.com" In the next line we use the 'Subject' property to set the subject of the e-mail. 'Set the subject of the e-mail objCDOMail.Subject = "Enquiry sent from my web site" As well as sending plain text e-mail's you can also format the body of the e-mail using HTML. The default is Text but if you wish to format the e-mail using HTML then you will need to use the 'BodyFormat' property with the integer value of '0' for HTML or '1' for Text. If you leave this property out the e-mail will be sent as plain text format. 'Set the e-mail body format (0=HTML 1=Text) objCDOMail.BodyFormat = 0 If you wish to use HTML formatting in the e-mail, as well as setting the 'BodyFormat' property above to HTML, you will also need to set the 'MailFormat' property to MIME. Again this property uses and integer value of '0' for MIME and '1' for Text. The default is text so if your e-mail is text only you can leave this property out. 'Set the mail format (0=MIME 1=Text) objCDOMail.MailFormat = 0 The next property were covering is the 'Body' property. This property holds the main part of the e-mail with the message you are sending. If you have set the 'BodyFormat' property to HTML and the 'MailFormat' to MIME then you can use HTML to format your e-mail message. 'eg.
Hello
This is my e-mail in HTML format'.
If you want to send the e-mail as text then you can just enter text instead. 'eg. Hello This is my e-mail in Text format'.
'Set the main body of the e-mail
objCDOMail.Body = "
Hello
This is my e-mail in HTML format"
The 'Importance' property tells the mail messaging system when to schedule delivery of the e-mail.
For this property there is 3 different integer values, 0 - Low, the e-mail will be sent during times of low system use, 1 - Normal, the message is sent at regular delivery times, 2 - High, the system will attempt to send the message immediately.
If this property is left out the default is Normal.
'Importance of the e-mail (0=Low, 1=Normal, 2=High)
objCDOMail.Importance = 1
Once all the properties for the e-mail are set we can now send the e-mail using the 'Send' property.
'Send the e-mail
objCDOMail.Send
Finally once the e-mail has been sent we can close the server object releasing server resources.
'Close the server object
Set objCDOMail = Nothing
%>
There are other methods and properties of the 'NewMail CDONTS' object but to keep things simple I have tried to cover the most common properties needed to send an e-mail from your web site.
What Are Active Server Pages (ASP)?
Active Server Pages or ASP, as it is more commonly known, is a technology that enables you to make dynamic and interactive web pages.
ASP uses server-side scripting to dynamically produce web pages that are not affected by the type of browser the web site visitor is using.
The default scripting language used for writing ASP is VBScript, although you can use other scripting languages like JScript (Microsoft's version of JavaScript).
ASP pages have the extension .asp instead of .htm, when a page with the extension .asp is requested by a browser the web server knows to interpret any ASP contained within the web page before sending the HTML produced to the browser. This way all the ASP is run on the web server and no ASP will ever be passed to the web browser.
Any web pages containing ASP cannot be run by just simply opening the page in a web browser. The page must be requested through a web server that supports ASP, this is why ASP stands for Active Server Pages, no server, no active pages.
As ASP was first introduced by Microsoft on it's web server, Internet Information Services (IIS), that runs on Windows 2000/XP Pro/NT4, it is this web server that ASP pages usually run best on.
For those of you running Windows and wish to play around with ASP on your own system you will need to install Microsoft's Internet Information Services (IIS). Lucky IIS or its micro version Personal Web Server (PWS) comes free with Windows.
For Windows users you can find Internet Information Services (IIS) or Personal Web Server (PWS) in the following places: -
* Windows XP Pro/2003/2000 - IIS can be found in 'Add/Remove Programs' in the 'Control Panel'.
* Windows 98 - PWS can be found under 'add-ons' on the Windows 98 CD.
* Windows NT4/95 - You can get hold of IIS by downloading the NT4 Option Pack from Microsoft (don't be fooled by the name as it also runs on Windows 95).
* Windows ME - IIS and PWS are not supported on this operating system.
* Windows XP Home Edition - IIS and PWS are not supported on this operating system.
For those of you running other operating systems or web servers Sun produce a product called Chili!Soft ASP which enables ASP to be used on other web servers including, Apache, I-Planet, Zeus, Red Hat Secure Server, etc, using various operating systems including, Linux, Solaris, HP-UX, AIX, etc. You can find out more information on Sun Chilli!Soft ASP or download a trial version from,
ASP uses server-side scripting to dynamically produce web pages that are not affected by the type of browser the web site visitor is using.
The default scripting language used for writing ASP is VBScript, although you can use other scripting languages like JScript (Microsoft's version of JavaScript).
ASP pages have the extension .asp instead of .htm, when a page with the extension .asp is requested by a browser the web server knows to interpret any ASP contained within the web page before sending the HTML produced to the browser. This way all the ASP is run on the web server and no ASP will ever be passed to the web browser.
Any web pages containing ASP cannot be run by just simply opening the page in a web browser. The page must be requested through a web server that supports ASP, this is why ASP stands for Active Server Pages, no server, no active pages.
As ASP was first introduced by Microsoft on it's web server, Internet Information Services (IIS), that runs on Windows 2000/XP Pro/NT4, it is this web server that ASP pages usually run best on.
For those of you running Windows and wish to play around with ASP on your own system you will need to install Microsoft's Internet Information Services (IIS). Lucky IIS or its micro version Personal Web Server (PWS) comes free with Windows.
For Windows users you can find Internet Information Services (IIS) or Personal Web Server (PWS) in the following places: -
* Windows XP Pro/2003/2000 - IIS can be found in 'Add/Remove Programs' in the 'Control Panel'.
* Windows 98 - PWS can be found under 'add-ons' on the Windows 98 CD.
* Windows NT4/95 - You can get hold of IIS by downloading the NT4 Option Pack from Microsoft (don't be fooled by the name as it also runs on Windows 95).
* Windows ME - IIS and PWS are not supported on this operating system.
* Windows XP Home Edition - IIS and PWS are not supported on this operating system.
For those of you running other operating systems or web servers Sun produce a product called Chili!Soft ASP which enables ASP to be used on other web servers including, Apache, I-Planet, Zeus, Red Hat Secure Server, etc, using various operating systems including, Linux, Solaris, HP-UX, AIX, etc. You can find out more information on Sun Chilli!Soft ASP or download a trial version from,
ASP Tutorial
In our ASP tutorial you will learn about ASP, and how to execute scripts on your server.
You will see that ASP is a powerful tool for making dynamic and interactive Web pages.
What you should already know
Before you continue you should have some basic understanding of the following:
* HTML / XHTML
* A scripting language like JavaScript or VBScript
If you want to study these subjects first, find the tutorials on our Home page.
What is ASP?
* ASP stands for Active Server Pages
* ASP is a program that runs inside IIS
* IIS stands for Internet Information Services
* IIS comes as a free component with Windows 2000
* IIS is also a part of the Windows NT 4.0 Option Pack
* The Option Pack can be downloaded from Microsoft
* PWS is a smaller - but fully functional - version of IIS
* PWS can be found on your Windows 95/98 CD
ASP Compatibility
* ASP is a Microsoft Technology
* To run IIS you must have Windows NT 4.0 or later
* To run PWS you must have Windows 95 or later
* ChiliASP is a technology that runs ASP without Windows OS
* InstantASP is another technology that runs ASP without Windows
What is an ASP File?
* An ASP file is just the same as an HTML file
* An ASP file can contain text, HTML, XML, and scripts
* Scripts in an ASP file are executed on the server
* An ASP file has the file extension ".asp"
How Does ASP Differ from HTML?
* When a browser requests an HTML file, the server returns the file
* When a browser requests an ASP file, IIS passes the request to the ASP engine. The ASP engine reads the ASP file, line by line, and executes the scripts in the file. Finally, the ASP file is returned to the browser as plain HTML
What can ASP do for you?
* Dynamically edit, change or add any content of a Web page
* Respond to user queries or data submitted from HTML forms
* Access any data or databases and return the results to a browser
* Customize a Web page to make it more useful for individual users
* The advantages of using ASP instead of CGI and Perl, are those of simplicity and speed
* Provide security since your ASP code can not be viewed from the browser
* Clever ASP programming can minimize the network traffic
Important: Because the scripts are executed on the server, the browser that displays the ASP file does not need to support scripting at all!
Subscribe to:
Posts (Atom)
