Google Tag Manager - Bypass AdBlock Plus

I managed to find a way to bypass AdBlock Plus so that Google Tag Manager loads on my IIS 10 Website, i use Google Tag Manager to manage the cookies, and display the cookie bar on several websites.

If you would like to find out how to use Google Tag Manager in this way, please read my EU Cookie Consent With Google Tag Manager post.

Install URL Rewrite

The first step is to install the add-on module for URL Rewrite. With Windows Server 2019, you can use the Microsoft Web Platform Installer (WebPI) to download and install the URL Rewrite Module. Just search for 'URL Rewrite' in the search options and click 'Add'. You can also download the extension from IIS.net - http://www.iis.net/downloads/microsoft/url-rewrite.

Once the module is installed in IIS, you will see a new Icon in the IIS Administration Console, called URL Rewrite. This icon is present at the level or each site and web-application you have in the server, and will allow you to configure re-write rules that will apply from that level downwards.


Configure HTTP Headers

We now need to allow the processing of compressed files, we do that by removal and reinstatement of the HTTP header. To do this, we will first need to create two HTTP Variables in URL Rewrite. After selecting the URL Rewrite Icon and double clicking it in the IIS Manager Console, you will have a 'View Server Variables' action button on the right hand side pane. Click this button to be able to add new server variables.

Click the 'Add' button on the right hand side pane to add a new server variable. We will need to add two variables named HTTP_ACCEPT_ENCODING and HTTP_X_ORIGINAL_ACCEPT_ENCODING as shown here:

 

Configure Web.Config 

Next we need to add the following lines to the Web.Config, being sure to replace YOURDOMAIN.COM.

        <rewrite>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="Frame, Script" pattern="^http(s)?://www.googletagmanager.com/(.*)" />
<action type="Rewrite" value="http://YOURDOMAIN.COM/{R:2}" />
</rule>
<rule name="RestoreAcceptEncoding" preCondition="NeedsRestoringAcceptEncoding">
<match serverVariable="HTTP_ACCEPT_ENCODING" pattern="(.+)" />
<action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />
</preCondition>
<preCondition name="NeedsRestoringAcceptEncoding">
<add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".+" />
</preCondition>
</preConditions>
</outboundRules>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="^proxy\/(.*)" />
<conditions>
<add input="{CACHE_URL}" pattern="^(https?)://" />
</conditions>
<action type="Rewrite" url="https://www.googletagmanager.com/{R:1}" />
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value=""/>
</serverVariables>
</rule>
</rules>
</rewrite>

Then in your HTML replace the Google Tag Manager header code with the following, being sure to replace YOURCONTAINERID:

    <!-- Google Tag Manager -->
<script>
(function (w, d, s, l, i) {
w[l] = w[l] || []; w[l].push({
'gtm.start':
new Date().getTime(), event: 'gtm.js'
}); var f = d.getElementsByTagName(s)[0],
j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = false; j.src =
'/proxy/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f);
})(window, document, 'script', 'dataLayer', 'YOURCONTAINERID');</script>
<!-- End Google Tag Manager -->

And replace the Google Tag Manager body code with the following, being sure to replace YOURCONTAINERID:

    <!-- Google Tag Manager (noscript) -->
<noscript>
<iframe src="/proxy/ns.html?id=YOURCONTAINERID"
height="0" width="0" style="display:none;visibility:hidden"></iframe>
</noscript>
<!-- End Google Tag Manager (noscript) -->

Using Let’s Encrypt certificates with Windows Admin Center

Certificates from Let’s Encrypt have a very short lifetime and therefore needs to be renewed quite often and that process needs to be automated. This little guide will show how to acquire certificates and automate the renewal for use with Windows Admin Center. I will use Posh-ACME to get the certificates from Let’s Encrypt.

First of all we will need to install the Powershell module Posh-ACME from Powershell Gallery

Install-Module -Name Posh-ACME

In order to use Posh-ACME you need to figure out how to let the script make changes to your public DNS-server. This is beyond the scope of this guide as that procedure varies depending on your provider. You will have to look in the documentation for Posh-ACME. List-of-Supported-DNS-Providers

Download Windows Admin Center if you haven’t done so already. https://aka.ms/WindowsAdminCenter

Make sure to move your downloaded file to C:\Temp and make a note of the filename.

In a production environment the following steps should be performed as a separate (batch/script) account. Posh-ACME saves the settings in the user profile and you need to schedule a task to update the certificates. You do not want to schedule a task with your regular user.

# Specify the environment to acquire certificates from (LE_PROD is Let's Encrypt production environment and LE_STAGE is the test environment).
Set-PAServer LE_PROD

$pArgs = @{ CFAuthEmail='xxx.domain.tlc'; CFAuthKey='xxx' }

# Acquire the certificate:
$newCert = New-PACertificate 'HOSTNAME' -AcceptTOS -Install -Contact [email protected] -DnsPlugin Cloudflare -PluginArgs $pArgs

# Specify the path to Windows Admin Center installer:
$msiFile = "C:\Temp\WindowsAdminCenter1904.msi"

# Install:
Start-Process msiexec.exe -Wait -ArgumentList "/i $msiFile /qn /L*v c:\temp\log.txt SME_PORT=1080 SME_THUMBPRINT=$($newCert.Thumbprint) SSL_CERTIFICATE_OPTION=installed"

Once installed you should be able to access Windows Admin Center at the following url: https://HOSTNAME:1080

If you want to do a manual install you can specify the thumbprint to the certificate. You will find it in the variable $newCert.Thumbprint after you have acquired the certificate.

This short script will check, then renew the certificate if needed, it will then configure Windows Admin Center with the new certificate and then remove the old certificate.

# Update existing certificate
# This task should be scheduled to run every day (or something similar)

# Specify the domainname to update:
$wacDomain = "HOSTNAME"

# Get the current certificate:
$currentCert = Get-Item Cert:\LocalMachine\My\* | Where Subject -like "CN=$wacDomain"

# Specify the environment (Production or Test)
Set-PAServer LE_PROD

# Specify what certificate to renew
Set-PAOrder -MainDomain $wacDomain

# Submit the renewal
$newCert = Submit-Renewal
if ($newCert -ne $null)
{
    # If atleast one new certificate is returned:
    foreach ($c in $newCert)
    {
        # Check if the returned certificate matches the domainname specified:
        if ($c.AllSANs -contains $wacDomain)
        {
            # Find MSI package for Windows Admin Center
            $wac = get-wmiobject Win32_Product | select IdentifyingNumber, Name, LocalPackage | Where Name -eq "Windows Admin Center"

            if ($wac -ne $null)
            {
                # Bind new certificate to the service
                Start-Process msiexec.exe -Wait -ArgumentList "/i $($wac.LocalPackage) /qn /L*v c:\script\log.txt SME_PORT=1080 SME_THUMBPRINT=$($c.Thumbprint) SSL_CERTIFICATE_OPTION=installed"

                # When upgrading WAC, the firewall rule may be deleted. If so create a new rule after upgrade.
                New-NetFirewallRule -DisplayName "SmeInboundOpenException" -Description "Windows Admin Center inbound port exception" -LocalPort 1080 -RemoteAddress Any -Protocol TCP

                # Restart Windows Admin Center
                Restart-Service ServerManagementGateway -Force
            }            

            # Remove the old certificate from the certificate store
            Remove-Item $currentCert.PSPath
        }
    }
}

If you install it to the 443 port, be aware this will stop anything using port 443 from working, including any websites running on IIS.
If this happens use the 2 lines below to remove the SSL binding for port 443

netsh http delete sslcert ipport=0.0.0.0:443
netsh http delete urlacl url=https://+:443/

Be sure to check any websites in IIS have the correct certificate bindings in place.

 

How to identify PID of AppPools

I thought i would reshare how to find the PID of an AppPool, as it's not the easiest thing to find if your not familiar with the process.

This allows you to map the w3wp process to the AppPool that you are trying to diagnose.

Step1 - Open IIS Manager, go to the root node in the tree on the left that represents your computer (should be labelled as your computer name)
Open IIS Manager

Step2 - In the features view to the right, you'll see a section called IIS. Under that you'll see Work Processes.
Worker Processes

Step3 - Select that and it should show you all running worker processes and some basic info, including Process ID (PID)
Process ID (PID)

Step4 - You can map that Process ID to the matching process in the Process tab in Task Manager.

This is a repost, the original post can be found on the MSDN Blogs here.

How to increase the Umbraco Media upload limit

If you need to increase the upload limit with Umbraco, this can easily be done if you have root access to your server.

You may have to contact your hosting provider if this is not the case.

First off, you need to update your Web.Config allow the file size you need...

Carry out a search for:

maxRequestLength

Then change the value to the file size you require in kb, for example 100MB in kb is 100000

Once you have made this change you need to update IIS to also increase the limit, there are 2 ways to do this...

First Way:

Navigate to:

cd %winsrv%\system32\inetsrv

and run this code:

appcmd.exe set config "sitename" -section:requestFiltering -requestLimits.maxAllowedContentLength:size in bytes -commitpath:apphost

Second Way:

Open Internet Information Services (IIS) Manager find your website under Sites and click on its name.

Then under IIS click on Request Filtering in this section on the right click on Edit Feature Settings

Then change the Maximum allowed content length (Bytes) in my case again 100MB is 104857600Bytes.

Click Ok and then restart your sites Application Pool

(Original Source)

Visual Studio update to 15.5.3 breaks donet core 2.0 solution

I came across an issue after updating my Visual Studio version to 15.5.3 which would cause my solution to throw an exception whenever it tried to access the database.

System.IO.FileLoadException: 'Could not load file or assembly 'System.Data.SqlClient, Version=4.2.0.1, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)'

The fix for this is nice and easy, you just need to install the NuGet (V4.4.2) package System.Data.SqlClient.