Has anybody upgraded to the 2008 IIS 7

Forum Moderators: open

Message Too Old, No Replies

Has anybody upgraded to the 2008 IIS 7

I am wondering as it looks like I will need to make the jump

bwnbwn

7:36 pm on Aug 28, 2009 (gmt 0)

Doing a PCI compliance and I found out II6 windows 2003 has a flaw and when searching for a possible fix I find the fix is "You are strongly recommended to upgade to winddows 2008 II7"on microsofts page.
The cost to upgrade is 999.00 just wondering if anyone has any input on the upgrade.

Ocean10000

8:48 pm on Aug 28, 2009 (gmt 0)

I normally upgrade the entire server at once. And retire the old hardware once the new servers are in place. I haven't done an actual upgrade of windows server since NT 4 to Windows 2000.

I am curious about this PCI Compliance issue though? Are you able to talk more about this. I think others may find themselves in the same situation. And this thread might help them out.

As for IIS 6 to IIS 7, Microsoft completely revamped IIS 7 so depending on the application, you might have to do some recoding / configuration changes to make sure everything works as expected.

bwnbwn

2:14 am on Aug 31, 2009 (gmt 0)

Ocean here is what I am finding out. I am PCI compliant Long story. I did a free PCI scan by Hacker Guardian and am getting this issue.

Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead.

Doing some research on this I find this is what is recommended.

[support.microsoft.com...]

Open to your help as to what you might suggest.

Ocean10000

1:46 pm on Aug 31, 2009 (gmt 0)

To be honost the ability to disable SSL 2.0 small registy change, which is noted in the KB article. I think the note pushing IIS7/windows server 2008 is more of a marketing push then anything else.

Owen.

bwnbwn

1:52 pm on Sep 1, 2009 (gmt 0)

Thanks Owen my bad I didn't scroll down. =Du