What was the security risk? I’m asking because if you are running WordPress on an IIS 5.0 server (Windows 2000) then the regular code just won’t work. (Please don’t say use a different server.)
If you have a setcookie() command followed by a header('Location: ') directive in a php script, the cookie headers are stripped before the redirection header is sent. This bug is documented in the following knowledge base article: https://support.microsoft.com/kb/q176113/ on Microsoft’s site. I’ve made the modification to my code in wp-login.php (two places, since it does the same thing when you want to log out) as well as in the wp-pass.php file. I haven’t found any other places where setcookie() is followed by header('Location:') … does anyone else have any feedback?
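As an added diagnostic (not code from the original post, from WordPress, or from the Microsoft article), the following PHP script lets you verify on your own server whether a Set-Cookie header issued right before a Location redirect actually reaches the browser, and compares that with a redirect done by an HTML meta refresh, which sends no Location header at all. The cookie name, the `mode` and `step` query parameters and the file name `probe.php` are assumptions made for this example.

```php
<?php
// Added diagnostic (not from the original post): probes whether a cookie set
// immediately before a redirect survives on this server.
// Deploy as probe.php and open probe.php?mode=header, then probe.php?mode=meta.
// Cookie name, parameter names and file name are constructed for this example.

$cookie = 'iis_redirect_probe';
$mode   = isset($_GET['mode']) ? $_GET['mode'] : 'header';
$step   = isset($_GET['step']) ? $_GET['step'] : 'set';

// Only accept the two modes this probe knows how to test.
if ($mode !== 'header' && $mode !== 'meta') {
    $mode = 'header';
}

// Build the follow-up URL from the script's own name, never from request input,
// so nothing untrusted ends up in a Location header or in the emitted HTML.
$self = basename($_SERVER['SCRIPT_NAME']);
$next = $self . '?mode=' . $mode . '&step=check';

if ($step === 'set') {
    // Set the probe cookie for this run (session cookie, whole site path).
    setcookie($cookie, 'set-before-redirect', 0, '/');

    if ($mode === 'header') {
        // The pattern from the post: Set-Cookie followed by a Location header.
        header('Location: ' . $next);
        exit;
    }

    // Alternative path: finish the response normally (HTTP 200) and let an
    // HTML meta refresh perform the redirect, so no Location header is involved.
    header('Content-Type: text/html; charset=utf-8');
    echo '<!DOCTYPE html><html><head>';
    echo '<meta http-equiv="refresh" content="0;url='
        . htmlspecialchars($next, ENT_QUOTES) . '">';
    echo '</head><body>Redirecting...</body></html>';
    exit;
}

// step=check: the browser has followed the redirect. Was the cookie kept?
// Cookies set in the previous response only appear in $_COOKIE on this request.
$survived = isset($_COOKIE[$cookie]);

// Expire the probe cookie now, before any output, so a second run starts clean.
setcookie($cookie, '', time() - 3600, '/');
header('Content-Type: text/plain; charset=utf-8');

if ($survived) {
    echo "mode=$mode: cookie survived the redirect (" . $_COOKIE[$cookie] . ")\n";
} else {
    echo "mode=$mode: cookie was NOT received after the redirect\n";
}
```

Run both modes in the same browser: if `mode=header` reports that the cookie was not received while `mode=meta` reports that it survived, the server is discarding the Set-Cookie header on the Location redirect, which is the behaviour the post describes, and any login or password cookie set in that way will silently fail to reach the client.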