How to Pass PCI – Disable TLS 1.0, SSL 2.0, SSL 3.0

If you are trying to pass PCI Compliance, the security scan may complain your Windows 2008 Server R2 having TLS 1.0, or SSL 2.0 or SSL 3.0 enabled.

1. VERY IMPORTANT: Install this optional update or you won’t be able to remote desktop to the server after you disable TLS 1.0


2. You might need to add TLS 1.2 support for your SQL Server.


3. Useful Tool

Use the following to disable TLS 1.0 and other weak cipher suites.

4. FTP Server

I had to apply the follow fix in order for the FTP upload continues to work.  Otherwise, a FTP client, such as Filezilla, reports an error “550 The supplied message is in incomplete.  The signature was not verified”.  The FTP client keeps on repeating the upload of the same file again and again.




IIS WordPress Uploaded Files 500 Error


therI cannot believe I ran into the same problem I blogged about 3 years ago.  So I am add more symptoms and more details to the problem.  I hope it will save many people using IIS WordPress hours of troubleshooting.


  • You are running WordPress on IIS
  • You cannot even upload a file or image to WordPress Media Library
  • After you upload a file or image to WordPress Media Library, you cannot access the file via URL.  For example, would only return a server 500 error.  Or if you have an uploaded image, you may see a broken image icon in WordPress.
  • You can across this problem after you upgrade your WordPress site to a new or different version of PHP.


This is caused by configuration of

  • IIS configuration of PHP and the NTFS permissions set on specific folders.

Quick Fix:

    1. Add {serveranme}/IIS_IUSRS with read permission to the file, or uploads folder or wp-content folder.  Obviously, if you choose wp-content, you can propagate the permission down to subfolder and files.
    2. This only fixes the uploaded files in the WordPress site.  You may still get the same problem with future uploaded files.


  1. Locate your php.ini.  For example, C:\Program Files (x86)\PHP\vX.X
  2. Always check your php.ini to see the setting value for “upload_tmp_dir”.  The default value is probably “C:\Windows\Temp”.  It is critical that you verify this.  In fact, I recommend you create a new folder and use it exclusively for PHP upload temp directory.  For example, you can create a “C:\PHP_upload_temp”
  3. Now you need to apply the appropriate permissions to 2 folders with 2 users:
  wp-content (or uploads) PHP upload temp directory (C:\PHP_upload_temp)
IUSR Modify Modify
{servername}/IIS_IUSRS Read Read
  • The above suggestions should work.  You may reduce the permission to see if it works for you.
  • NTFS uses inherited permissions.  You should use Properties/Security/Advanced to view the permissions.
  • The permissions must be set property in PHP upload temp directory first.  The uploaded file will be uploaded to that directory before it is copied to the wp-content/uploads folder.
  • If you see “Parent Object’’” under “Inherited from”, it may indicate some orphaned permission.
  • “When you upload a file, PHP sends the file to a temporary directory on the hard drive (for me it is C:\Windows\Temp) and then copies it over to it’s intended directory.  Once the file has landed in the temporary directory, it is assigned the permissions of that directory. The problem is when Windows copies that file, it keeps the temporary directory’s permissions and doesn’t inherit your web directory’s permissions.”


Again, the following 3 articles really help:

note: I don’t think creator owner plays a part in this problem.

The Iron Giant: Signature Edition (Blu-ray) for $5.99

I used to watch the classic animation often with my kids on Amazon Video until they discontinued it.

Now I can buy the Blue-ray version for $5.99 at amazon.  Sweet.

Philips Hue

I am going to test out some smart home products to see how smart they are:

TP-Link N300 Wireless Wi-Fi Router

It is most useful in a situation when you need to set up a local network with a Broadband internet connection (i.e. phone tethering).  The fact it has 2 LAN ethernet port makes it useful to hook up with other smart home devices requiring wire.

Philips Hue Starter Kit

The changing light scene and music/movie sync makes the most visual impact.  Wow! Cool!

Philips Hue Lightstrip Plus

You need the lightstrip for accent lighting: behind bed board, under kitchen counter, under entertainment cabinets, behind TV, etc.

Amazon Echo Dot

What is a smart home without voice command?


Scotch tapes

Smart Home for Newbie

If you know nothing about smart home and you want to learn about it the easy way, I will tell you how:

Just book an appointment with Amazon Smart Home Consultation.

Go to: and click on “Smart Home Consultation”.  I was able to schedule an in home visit the next day.

When the guy showed up, he showed me some products.  Then I was able to bombard him with questions like cost, standard, use scenarios.

My opinions include:

  • Smart homes stuff are expensive.  If you think you can reduce your monthly bill (electricity, gas, etc), you need to be creative. 
  • Smart homes may fetch you a better home selling price if done right.
  • The current 3 major players are Google Home, Apple Home Kit, Amazon Alex.
  • The lack of a universal standard makes it hard to integrate every devices easily.
  • Smart homes offer you some minor convenience, turn things (light, garage door, door, etc) on/off
  • Smart home is cool.  You can control everything in your house using voice.  The light setting, sound system, TV are all fun to play with.
  • The foundation of smart home is a wireless network that covers your whole house.  So you will need a good home wifi router or a good mesh network like Google Wifi or Eero.
  • If you want voice commands, then you can buy Amazon Echo / Dot with Alexa or Google Home.
  • Then you can get smart lights, home security stuff, TV, sounds, plugs, thermostats.
  • Note that every device likes to come with their own hub.