My Website (ports) Have Been Hijacked!
- by ChrisD
This is one of the scary problems that turns out to have a pretty easy solution. I tried to view one of my websites hosted by IIS on my primary workstation and the site wouldn’t render. I checked IIS Admin and the site was there, but I couldn’t access it on either port 443 or port 80. In reviewing the event log I found the following entry: The World Wide Web Publishing Service (WWW Service) did not register the URL prefix http://x.x.x.x:80/ for site 1. The site has been disabled. The data field contains the error number I disabled the IIS Service (issued Net Stop W3svc from an admin command prompt) and then scanned for anything listening on port 80. C:\Users\cdarrigo>netstat -ano |findstr 80 TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 3124 This confirmed that something had hijacked my ports. I had another process that was listening on port 80 and it was preventing IIS from serving up my site. A quick phone call to a friend taught me that the last number shown above (3124) is the process id of the process that's listening on the port. So whatever process had PID 3124 had to be stopped. I scanned my process list, and determined it was, much to my surprise, Skype. I exited the Skype application and restarted the IIS service, then manually restarted the web site. This time, browsing to my site resulted in successfully viewing my site. So why was Skype listening on those ports? A quick Google search revealed the answer: “Skype listens on those ports to increase quality.” really? “you might become a supernode if those ports are open.” No thanks. I’m not sure how accurate those statements are, but I want to disable this behavior in Skype none the less. Fortunately Skype provides a configuration option to turn off this behavior. Launch Skype and log in. From the Tools menu, select Options Select the Advanced options and then Connection Uncheck the box Use Port 80 and 443 as alternatives for incoming connections Back to development bliss.
