Category Archives: Windows Server

The response is not a valid JSON response – Windows IIS

If you’re I presume you’ve already tried some other techniques to fix the “The response is not a valid JSON response” issue with WordPress running on Windows Server and IIS.

In my case, I am running PHP 8.1.8 and the issue was easy to fix.

For me, the error happened while trying to save content to a Widget.

In the log files I noticed the OPTIONS verb being used and a 405 error.

The fix is simple.  Go to HANDLER MAPPINGS, double click your PHP mapping.

Click REQUEST RESTRICTIONS.

Click VERBS

do one or the other.  Add the word OPTIONS to the current list, OR just click ALL VERBS.

Save changes.

Your “The response is not a valid JSON response” should now go away.

 

NOTE:  On IIS WordPress setups, you need to make sure you have a HOSTS file mapping for your website to the local IP address for the website (NOT PUBLIC IP, local machine IP).  This is necessary for the various CRON jobs to work.

 

How to get IMAGICK working under Windows Server IIS

Here is the simple method to get IMAGICK working under Windows Server 2019/2022 and IIS 10.0 and later.

 

  1.  Presuming using PHP 7.4.X (current version is 7.4.27 as of 2/14/22).  NOTE:  This is not working properly under PHP 8.x
  2. Make sure you’ve downloaded the most current 7.4.X version and installed it on your IIS/PHP Manager, which properly sets up the handler mappings.
  3.  download IMAGICK
    1. https://windows.php.net/downloads/pecl/releases/imagick/
    2. Pick the most current, NON “RC” version.  For me, that was 3.7.0
    3. Download the version for PHP 7.4, NTS, vc15, x64
      1. For me, that was -> php_imagick-3.7.0-7.4-nts-vc15-x64.zip
    4. Make sure you have the Visual C 15 runtime installed.  (Google it and download/install if needed)
  4. Extract the archive above to a temporary directory
  5. copy php_imagick.dll to your PHP\ext directory.
    1. MAKE SURE you are in the correct directory, e.g. for me that was php-7.4.27-nts-Win32-vc15-x64\ext
  6. in the archive directory, SORT BY TYPE.
    1. Copy all CORE_RL*.DLL (28 files)
    2. Copy all FILTER*.DLL  (one)
    3. Copy all IM_MOD_RL (134 files)
    4. copy all these to your PHP version’s ROOT directory.  For me, that was 7.4.27-nts-Win32-vc15-x64  (NOT THE EXT DIRECTORY!)
  7.  Go to PHP manager and click on check PHPINFO().  When that comes up, scroll down and make sure you see a section for IMAGICK.
  8.  Note:  If you are using WordPress, please read this post to make sure you don’t get JSON errors.

WordPress There was an error. The response is not a valid JSON response.

If you are running WordPress on IIS and experiencing this issue, another thing you can check is the FastCGI settings to make sure the OPTIONS verb is allowed.

In my case, I am using a brand new setup of WordPress on a Windows Server 2019 IIS 10.0.  When I went to Appearance, Widgets, made a change and clicked “update” I would get the “There was an error. The response is not a valid JSON response.” message.

I looked at all my other settings including SSL, Permalinks, etc. and they all looked good.

THE FIX

On the site with this particular “There was an error. The response is not a valid JSON response.” issue, the fix was easy.

Go to Handler Mappings for the site in question.

Double click the version of PHP that is setup (under PHP Manager)

Go to REQUEST RESTRICTIONS

VERBS

Make sure either “ALL“, or “One of the following” is selected.  If “One of the following” is selected, use this list:

GET,HEAD,POST,OPTIONS

 

Save your changes/close the dialog boxes and retry your save operation.

How to configure IIS to allow access to apple-developer-merchantid-domain-association

Also know as how to configure IIS to permit access to files with NO extension.

In this case we need to create a file in this location:

https://(my-website-domain)/.well-known/apple-developer-merchantid-domain-association

 

  1. Create a directory in your website called “well known”
  2. Create a virtual directory in the IIS manager, alias is .well-known and point it to the directory above.
  3. Place the file from Apple — apple-developer-merchantid-domain-association into the “well known” real directory
  4. Back in the IIS Manager… click on the .well-known virtual directory
  5. Screenshot:
  6. Click on MIME TYPES
  7. Add a new mime type. Extension .* and Mime type = application/octet-stream
  8. Hit OK
  9. Go test the file from a web browser.  It should now work and you can now have Apple verify your site.

Cannot browse network neighborhood under Windows 10 Fall Creators update 1709 and newer

Once again, Microsoft has thrown a monkey wrench into the operation of how your network neighborhood (or “Network”) item under Windows 10 works.

I had previously created this blog post which addressed the initial issues with Windows 10 not allowing the Network to show a list of all your local computers.

Well, due to the Fall Creators update and versions 1709 and later, Microsoft has moved even further to stop the use (and functionality) of the Network icon inside windows explorer.

Microsoft has completely disabled (and removed) SMBv1 in Windows 10 (and modern Windows Server 2016) starting with the FALL CREATORS UPDATE build 1709 and later.   This in-effect completely disables the ability for your NETWORK item in Windows Explorer to populate a list of your local network computers.

I manage several small networks and it is EXTREMELY helpful to be able to browse a list of all the local computers.

To fix this issue, go to WINDOWS FEATURES (just use Cortana and type in windows features), expand SMB 1.0/CIFS File Sharing Support

CHECK: SMB 1.0/CIFS CLIENT and SERVER

click OK

it will prompt you to reboot

when you’ve rebooted, go to windows file explorer and click on NETWORK.  you may need to hit the refresh icon, but it should pull the list of all local PC’s and magically your network neighborhood will now work!

 

**Note: if you try this and it still doesn’t work, make sure you do the registry entry on my prior blog post (link at the top of this post).  You will need to add that registry key and reboot.

 

Coldfusion 10 and Windows Server – Installation Musings

Here are some various tips and tricks as part of my brain dump for the process to get ColdFusion 10 running under Windows Server 2016.

  1. Run the ColdFusion installer under compatibility mode – Windows 7
  2. you must have the following installed under IIS
    1. CGI, ISAPI (both), ASP.NET
  3. make sure the APPPOOL for the site has 32 bit compatiblity to TRUE under app pool – advanced settings
  4. immediately after installing CF, you need to go download the latest hotfix (version 24 as of June 2017) and install it.  Directions are here
  5. Read this – it’s VERY important.
    1. you must create the two virtual directories CFIDE and JAKARTA and point them to the correct folders.
    2. NOTE: on my system, the default site was SITE ID #1 and the first actual CF site was ID #2.  However, the only way that CF would work was for me to point the jakarta directory to “1” (the default site)…
  6. Get friendly error messages->
    1. CF admin, Settings, UNCHECK “Enable HTTP status codes
  7. debug your website easily… (do #6) and then:
    1. CF admin, Debugging and Logging
      1. CHECK “Enable Robust Exception Information”
      2. CHECK “Enable Request Debugging Output”
      3. Debugging & Logging > Debugging IP Addresses
        1. add your workstation’s IP address to this list
      4. NOTE:  Make sure you TURN OFF these settings before going live on a public site
    2. Refresh your CF pages and a boat load of debugging info should show up at the bottom of each page
  8. Mail configuration is under Settings>Mail, if your website needs it.

Any other questions/comments?  Let me know!

Coldfusion with PostgreSQL – Timeout issue when setting up CF Data source

Upon trying to connect to a remote POSTGRESQL database server — which I can both PING fine and connect to using the Windows POSTGRESQL odbc 32 bit drivers —

you get this error

Connection verification failed for data source: mytest_post
java.sql.SQLException: Timed out trying to establish connection
The root cause was that: java.sql.SQLException: Timed out trying to establish connection

==

Here is the easy fix.  (presumtion of CF 10)

  1. make sure you apply the most current CF hotfix
    1. easy process – read this blog post
  2.  for an “out-of-the-box” setup, (noting that CF 10 is running on JRE 6.x), download the JDBC driver version 4.0 (which is for JRE 6.x)  here
  3.  put that JAR file in the following directory
    1. C:\ColdFusion10\cfusion\lib
    2. remove the old POSTGRESQL JAR file postgresql-9.3-1101.jdbc41.jar
    3. restart the CF services
  4. Go setup the postgreSQL connection and verify it.  Should now give you an “OK”

This was a NIGHTMARE to sort out.  I am hoping this can help someone!

 

Classic ASP switch to TLS 1.2

I recently came across a failed PCI scan for one of our clients.  This failure was due to TLS 1.0 being enabled on that Windows server.

We ran IISCRYPTO (link) and disabled TLS.

Upon restarting the server, the Classic ASP site threw the following error:

Microsoft OLE DB Provider for ODBC Drivers (0x80004005)
[Microsoft][ODBC SQL Server Driver][DBNETLIB]SSL Security error

That error is because the web server is no longer using TLS 1.0 and the Classic ASP application (web site) is using too old of a driver on the server, to communicate with TLS 1.1 and/or 1.2.

To get around this, go download the latest ODBC driver from Microsoft, which is version 13.1 as of today.  You will most likely need to install the 32-bit version (as most ASP apps run in 32 bit mode).  Link here

Install that driver.

then go to your Windows server, Administrative tools and open the ODBC Data Sources (32-bit)

The 32-bit ODBC Administrator is found here: C:\Windows\SysWOW64\odbcad32.exe

go to the SYSTEM tab

add a new data source

Pick “ODBC DRIVER 13 for SQL Server”… (hit finish)

 

put in the name (no spaces or punctuation)

server name (or IP address) (NEXT)

 

authentication (USE SQL server auth, enter the LoginID and PW) (NEXT)

 

continue, then test the connection (it should work).

go to your Classic ASP application.

 

 

You will need to update the connection string to this:

DSN=YourNewSystemDSNName;Uid=YourSQLUsernameHere;Pwd=SQLpassword;

You can now use IISCrypto and disable TLS 1.0

Reboot the server

re-test your Classic ASP app and now you should be up and running on TLS 1.1 or 1.2

 

 

 

 

Adding DKIM records to Kerio Connect

If you want to implement DKIM (signed email) to your Kerio Connect setup, here’s the easy way.

Start by reading these links

Kerio link 1

Kerio link 2

The following setup is for Kerio Connect 9.x, and Windows Server 201X DNS server

  1. Make sure your email server is properly connected to a good public DNS server, such as Google (8.8.8.8 and 8.8.4.4.)
  2. Go to Kerio Connect, Configuration, Domains.
  3. Click SHOW PUBLIC KEY and copy it.
  4. paste it into notepad.  We’ll need to rework it a bit to be compatible with Windows DNS.  Note:  Windows DNS limits the length of one single string of characters, so we’ll need to split it into several lines.
  5. Reformat it like this.  Break it into even lines, around 100 characters each.  The exact length doesn’t matter.  Just do it evenly, hit enter at each breakpoint.
  6.  NOTE:  make SURE there is a SPACE between the semicolon and the p
    1. as in v=DKIM1; p=xxxx
  7. example properly reformatted
  8. Copy this reformatted string
  9. Go to the domain in your Windows DNS server.  For example, if your domain is mydomain.com go to that domain in the DNS Server management console.
  10. right click, other records, add TXT record
  11. Record name is:  mail._domainkey
  12. after you enter that, you will see the FQDN look like this:
    1. mail._domainkey.mydomain.com
  13. Paste the string from #7 above into the text box, as-is.
  14. Hit ok and save that change.
  15. repeat this for any other domain.  On Kerio Connect, all the domains on the one email server use the exact same DKIM keys.
  16. Now we are going to test the DKIM record to make sure it can be properly read.
    1. go to https://mxtoolbox.com/
    2. type in your domain
    3. hit check MX
    4. when that completes (successfully), change the drop down to “DKIM Lookup”
      1. type in your full DKIM string:
      2. mail._domainkey.mydomain.com.
    5. Run the DKIM Lookup
    6. You should see a successful test, and your report should look just like this:
    7. if it doesn’t look like this, then you did something wrong with your TXT record creation, or you forgot to put the entire DKIM key in the lookup.
    8. Since all is well, proceed.
  17. next, go back to Kerio Connect.
  18. while still on the domain, check the checkbox to enable DKIM
  19. If the DNS on your email server is setup properly, and it is communicating properly to your DNS server, you should see the box above.
    1. If you see a message “DKIM public key not found in public DNS”
    2. try restarting KMS
    3. Try going to a command prompt and ipconfig /flushdns
  20. Presuming that you do see the proper message in #18 above, we now need to do a test email to verify everything is working.
  21. Go to http://www.appmaildev.com/en/dkim
  22. click next step
  23. the site will generate an email address
  24. copy this email address and send a blank email to that address FROM AN EMAIL ACCOUNT ON THE DOMAIN you setup with DKIM above.
  25. Wait for the site to receive the email and generate it’s report (a few seconds)
  26. you should see DKIM = PASS

 

While you’re at it, don’t forget to create SPF and DMARC records for your domain to cover all the bases.

 

1 2 3 5