Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Improve Web User Experience with IIS SEO Toolkit RTW an

17 Nov 2009   #1
SGT Oddball

Improve Web User Experience with IIS SEO Toolkit RTW an

Remember the scene in Diehard when he shoots the glass? That was cool. What’s even cooler is now you can fine tune your Web site for the search engine, thus improving the experience for your Web users.

Today, Microsoft announced the releases of IIS Search Engine Optimization (SEO) Toolkit RTW and IIS URL Rewriter 2.0 RC – both extensions for IIS.

Don’t take it personally – I know it can be hard when your significant other tells you how to make improvements on something you worked hard on, let alone a faceless piece of software. But really, they are both just trying to help. Think of the customers.

The IIS SEO Toolkit helps Web developers, hosting providers, and Web server administrators to improve their Web site’s relevance in search results by recommending how to make the site content more search engine-friendly. The IIS SEO Toolkit helps to improve the volume and quality of traffic to your Web site from search engines, control how search engines access and display Web content, and inform search engines about locations that are available for indexing.

We’ve all been to a cocktail party when you’re trying to impress that certain person, and they ask for the URL of the latest project you are working on. It’s embarrassing when you have to rattle off a long-winded URL with question marks, equal signs, random ID numbers, and ampersands. But with URL Rewriter, you don’t have to anymore.

IIS URL Rewriter 2.0 adds support for outbound response rewriting and enables Web administrators to create powerful rules to implement URLs that are easier for users to remember and easier for search engines to find. IIS URL Rewriter 2.0 can now replace the URLs generated by a Web application in the response HTML with a more user friendly and search engine friendly equivalent, modify the links in the HTML markup generated by a Web application behind a reverse proxy, and fix up the content of any HTTP response by using regular expression pattern matching. IIS URL Rewriter 2.0 helps to easily define rules that match URLs or HTTP headers to generate more friendly and consistent URLs, protect content and assets from unauthorized linking and scanning, and integrate with existing IIS features to improve management, performance, and troubleshooting.

Did I mention it’s free? And it’s available to download and install today with the Microsoft Web Platform Installer 2.0, your one-stop shop to get everything for the Microsoft Web Platform – including IIS SEO Toolkit RTW and IIS URL Rewriter 2.0 RC. From IIS Extensions to the Windows Web App Gallery and beyond, there is sure to be something useful for your Web site endeavors.

Oh, if you run PHP, be sure to check out our learning section on Running PHP Applications on IIS. We have a ton of brand new and updated content to help provide PHP on Windows users a single source of end-to-end guidance. Pretty sweet!

For more information or to download, please visit the IIS SEO Toolkit RTW page and the IIS URL Rewriter 2.0 RC page.

Eric Rezabek

Senior Product Manager


My System SpecsSystem Spec
17 Nov 2009   #2

Win 7 Ultimate 64-bit, Win7 N 32-bit, WHS

This wouldn't have anything to do with the SEO exploit flood that's making the news today?!
My System SpecsSystem Spec
18 Nov 2009   #3

Windows 10 Workstation x64

Quote   Quote: Originally Posted by carioca View Post
This wouldn't have anything to do with the SEO exploit flood that's making the news today?!
I haven't seen anything about that, do you have a link to some info?
My System SpecsSystem Spec

19 Nov 2009   #4

Win 7 Ultimate 64-bit, Win7 N 32-bit, WHS

Hi z3r010,

Sorry, have deleted the item. I get a number of alerts from the likes of ZDnet (which I think was the one running this SEO item a day or two ago)... It sounded quite alarmist.

Will have a quick google for it later tonite.


LMH a.k.a. carioca
My System SpecsSystem Spec
19 Nov 2009   #5

Win 7 Ultimate 64-bit, Win7 N 32-bit, WHS

Quote   Quote: Originally Posted by z3r010 View Post
Quote   Quote: Originally Posted by carioca View Post
This wouldn't have anything to do with the SEO exploit flood that's making the news today?!
I haven't seen anything about that, do you have a link to some info?
November 17th, 2009

Thousands of web sites compromised, redirect to scareware

Posted by Dancho Danchev @ 12:12 pm
Categories: Anti Virus, Botnets, Browsers, Hackers, Malware...
Tags: Search Engine Optimization, Web Application, Web Site, Attack Vector, Google Search...
221 TalkBacks

Updated: Thursday, November 19 - According to eSoft who contacted me, they’ve beenmonitoring the campaign since September, with another 720,000 affected sites back then.
There are now over a million affected sites serving scareware, with only a small percentage of them currently marked as harmful. Google has been notified. As always, NoScript and your decent situational awareness are your best friends.
Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software (Inst_58s6.exe), commonly referred to as scareware.
More details on the campaign:

The compromised sites are hosting legitimately looking templates, using automatically generated bogus content, with a tiny css.js (Trojan-Downloader.JS.FraudLoad) uploaded on each of them which triggers the scareware campaign only if the visitor is coming a search engine listed as known http referrer by the gang - in this case Google, Yahoo, Live, Altavista, and Baidu :
“Cyveillance has discovered a complex attack vector that uses Google search results to distribute malicious software (malware) to unsuspecting Internet users. Using this attack vector, users click on links within Google search results and are routed to sites that attempt to download malware to their computers. The attack method also relies on inattentive webmasters who do not update the software on their sites and often unknowingly provide the material that appears in the search results.
The common string albums/bsblog/category is found in the URLs for all these blogs. By simply using the Google search parameter allinurl, along, you can see how many other sites contain the same string. As can be seen in the image above, more than 260,000 URLs are presented in Google’s search index leading to blogs similar to the ones illustrated in our example.
As you can see, only a small portion of sites in the search results carry a warning provided by Google. The reason for the small number of warnings is likely because the actual attacks do not take place on the website URLs in the search results, but on the sites you’re redirected to thereby decreasing the chances that Google will designate the destination sites as harmful.”
At first, it would appear that the campaign is an isolated one and is maintained by a cybercrime enterprise yet to be analyzed. However, analyzing it reveals a rather anticipated connection - the massive blackat SEO campaign has been launched by the same people who operate/or manage the campaigns for the Koobface botnet. For instance, the domains mentioned by Cyveillance, as well as the newly introduced ones over the past couple of hours, are the very same domains currently embedded on Koobface infected hosts.
How did they manage the compromise the sites? Through web application vulnerabilities as the attack vector, with OWASP’s recently updated Top 10 most critical web application security risks, highlighting some of the riskiest ones.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popularsecurity blog. See his full profile and disclosure of his industry affiliations.
Email Dancho Danchev

Sorry mate, I meant to post the link itself only...

My System SpecsSystem Spec

Thread Tools

Similar help and support threads
Thread Forum
Enhanced Mitigation Experience Toolkit (EMET)
The Enhanced Mitigation Experience Toolkit(EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author...
New Enhanced Mitigation Experience Toolkit (EMET) 5.1 available
Enhanced Mitigation Experience Toolkit 2.0 advice sought
I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit. Which apps should be added to the app list? I have Win 7 Ultimate and am not running any "legacy" programs of which I am aware, I'm just getting started using EMET. The...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 04:52.
Twitter Facebook