ftp – FileZilla and IIS: GnuTLS error -110: The TLS connection was non-properly terminated

I’m trying to connect to a VPS running Windows Server 2019 using Filezilla Client, but get the error

GnuTLS error -110: The TLS connection was non-properly terminated.

My Let’s Encrypt certificate is set for domains: www.example.com, example.com, ftp.example.com
My IIS configuration is set to use this certificate on both the global level (see screenshot 1) and on the FTP level (see screenshot 2).
Screenshot 1
enter image description here
Screenshot 2
enter image description here
My FileZilla settings (using Default transfer mode, but I tried Active and Passive too with the same error)
enter image description here

Resulting in this logging in FileZilla:

Status: Resolving address of www.example.com
Status: Connecting to 15.200.12.44:21...
Status: Connection established, waiting for welcome message...
Response:   220 Microsoft FTP Service
Command:    AUTH TLS
Response:   234 AUTH command ok. Expecting TLS Negotiation.
Status: Initializing TLS...
Error:  GnuTLS error -110: The TLS connection was non-properly terminated.
Status: Server did not properly shut down TLS connection
Status: Connection attempt failed with "ECONNABORTED - Connection aborted".
Error:  Could not connect to server

Connecting without SSL
I tried to connect without SSL, so set FileZilla to Use explicit FTP over TLS if available.
And on my VPS I configured it to Allow SSL connections (and not require):
enter image description here
I then get the following notification but I AM able to connect:
enter image description here

My guess is it HAS to do with the certificate, but I don’t know what.
I Googled for the error, and tried some debugging like recommended here and here.

I also tried WinSCP, but still can’t connect, so unlike some sites claim it’s a FileZilla bug, I think I need to look for it on the server. But I’m lost on what to check now.

Azure Web App identified target web site is using IIS 10 and detected that it is out of date – how to change

Azure Web App identified target web site is using IIS and detected that it is out of date – how to change
A security scan of a web app running windows has been identified as a High vulnerability. Since this is an old version of the software, it may be vulnerable to attacks. When the Server: Microsoft-IIS/10.0

External References: https://nvd.nist.gov/vuln/detail/CVE-1999-0229
Internet Information Services Other Vulnerability
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
Affected Versions: 10.0
External Referenceshttps://nvd.nist.gov/vuln/detail/CVE-2000-0115

How can we do the following to fix this issue when using Azure web app?

Remedy
Upgrading IIS to a higher version is not a standalone operation. The IIS version depends heavily on the Windows OS version that
you use on your server machine.
If it is not possible to upgrade IIS to a higher version for this type of reason, we strongly recommend that you track and apply the
patches that are published by the vendor.
Please note that all updates and patches for IIS come as Windows Updates. Also, you can select which update package(s) will be
applied.

URL Rewrite is not working for http to https redirection on IIS


Your privacy


By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy.




security – Implicitly allow requests in IIS from valid hostname

I have a few publicly accessible IIS servers and sites (personal and corporate), these hosts have own domains/subdomains, and all legit access to these https sites happen through domains.

Almost all HTTP app vulnerability scans from bots/rooted servers happen to the servers through IP, without valid hostname, and if there is hostname it is the default reverse DNS host, not the actual domain of the site.

Is there a way in IIS to implicitly only allow requests with proper hostname? The site root app only has bindings to the hostname, but IIS still accepts requests, and responds with 404. The best thing would be to timeout the request similar fashion as if the site doesn’t have HTTP open.

I of course understand that this does not guarantee anything in security wise, the scanner can still figure out the proper hostname in many ways, but it would still filter out 90% of dummy scans.

IPS in firewall can probably do some things, but in some cases I do not have that luxury. Is there way in IIS? Redirect the http request to oblivion? (this would probably just change the error to proxy gateway http errors?)

Installing IIS on windows server 2003, says files from SP2 CD are needed

Faced same issue asked in Installing IIS on windows server 2003, which files from SP2 CD are needed?.

I could resolve it after installing SP2.
Answering it here so that it can help others as I don’t have enough reputations to comment the answer in original question.

Hope it helps

iis 10 – Why can’t I edit IIS XML configuration files with gvim on Windows 10?

When I try to open C:Windowssystem32inetsrvconfigschemaIIS_schema.xml for example on Windows 10 Pro, build 20H2, I can always open it in notepad, but if I open it in gvim (a real editor) it pretends like the file doesn’t exist.

I’ve even run gvim as a domain administrator and it still makes like it doesn’t exist. I’ve never seen this sort of behavior before, it’s really strange.

iis – Website works remotely but not on the server itself when called by domain

I am using Windows Server 2019 and in IIS 10 I have created a website and I have bound it to both: “localhost” and “mydomain.com” on port 80.

mydomain.com works correctly from any client but on the server only when I call “localhost” it works otherwise I get the following error (when called by domain):

enter image description here

iis – Website works remotely but not on the server itself when called by domain

I am using Windows Server 2019 and in IIS 10 I have created a website and I have bound it to both: “localhost” and “mydomain.com” on port 80.

mydomain.com works correctly from any client but on the server only when I call “localhost” it works otherwise I get the following error (when called by domain):

enter image description here

network attached storage – Is it possible to forward all requests within my LAN and IIS?

I have a tricky situation at home with my router, web server and new Synology NAS. As a software developer I have been using this web server through the DMZ of the router and I want to keep it that way. It’s not that special as it’s just Windows 10 with IIS, but it hosts several domains for testing purposes for clients I have. The number of sites and domains linked to it is constantly changing and I need to keep this all set up as simple as possible. Right now, it works fine…
To be clear, I can add sites to IIS and can add even a reverse proxy if need be, but this server is the important part of my setup. The NAS is just a nice add-on if I want end users (clients) to upload or download stuff in an easy way.
Then I decided to get a Synology NAS as I had a few old hard disks that I want to reuse as backups and it too has just been set up and is working nicely, but I can’t access it from outside my LAN.
Now, I want to set up a specific subdomain (syn.example.com) that should connect to the NAS. (All ports!) That might work if I had a second IP address but that’s not possible for me. And I don’t want to change the DMZ either, as any incoming connections should, by default, go to this web server.
Challenge is that all external requests to this specific subdomain should be routed towards my NAS. And it seems to me that this is not possible. Am I right?

The NAS is just a nice-to-have if it can connect to the Internet over this subdomain, but it’s no big issue if that’s not possible.

windows – New IIS install suddenly giving 500 error on basic static web site

I maintain a basic static website for personal use, and since my ISP stopped hosting it several years ago, I’ve run it off of my home computer. I just put in a new SSD this week, and installed Windows 10 fresh. Activated IIS, set up the basic “hello world” site, and then copied over my site’s files. Everything seemed to be working fine.

Today it’s not working fine. I’m getting a 500 error:

Calling LoadLibraryEx on ISAPI filter C:WindowsMicrosoft.NETFrameworkv4.0.30319\aspnet_filter.dll failed

Detailed Error Information:

  • Module: IIS Web Core
  • Requested URL: http://localhost:80/
  • Notification: Unknown
  • Physical Path: C:inetpubwwwroot
  • Handler: ExtensionlessUrlHandler-Integrated-4.0
  • Logon Method: Not yet determined
  • Error Code: 0x800700c1
  • Logon User: Not yet determined

I checked https://docs.microsoft.com/en-US/troubleshoot/iis/http-error-500-when-you-visit-web-site for the error code but it wasn’t helpful; it says “Make sure that the script-mapping points to the ISAPI .dll file that can process the request” but the handler in question doesn’t point to any DLL file — it points to System.Web.Handlers.TransferRequestHandler.

(I’m sure I’m missing something here, as while I’m a software engineer I’m not a trained webmaster and have only a rudimentary understanding of the terminology involved. Go easy on me!)

Any idea what’s going on? Or what could have changed to produce this error without me touching the IIS configuration?