I have a simple node.js application running on localhost:3000, printing "Hello world".
When I start it from command line, everything works fine.
But when I start it with IIS (choosing "Browse website" in IIS manager), it gives following error:
iisnode encountered an error when processing the request.
HRESULT: 0x2
HTTP status: 500
HTTP subStatus: 1002
HTTP reason: Internal Server Error
You are receiving this HTTP 200 response because system.webServer/iisnode/#devErrorsEnabled configuration setting is 'true'.
In addition to the log of stdout and stderr of the node.exe process, consider using debugging and ETW traces to further diagnose the problem.
The last 64k of the output generated by the node.exe process to stderr is shown below:
Application has thrown an uncaught exception and is terminated:
Error: EPERM: operation not permitted, lstat ...
From several questions here on StackOverflow, I found this is a permission problem. So I granted full permission to the user of the site (following suggestions here and here), with no success, same error.
But when I change the Application Pool Identity from ApplicationPoolIdentity to LocalSystem, it works.
My problem is, this was just a try and I don't understand why it works. I'm confused about that and worried this is not the correct way to go. Can someone help me? Or maybe explain why this works?
This is a permission issue. The default identity of apppool is “ApplicationPoolidentity”, which is a virtual user created when the application pool is created and has few permissions. The localsystem has the highest authority.
Generally, Node.js starts listening on port 3000 through the command line, and IIS will reverse proxy the request to port 3000 and print “Hello World”. But your description is start it with IIS. I guess what you mean is to start node.js through IIS, that is, start node.js from app pool. App pool needs high authority to start local services, and the identity must be “local system”.
If you are worried about security issues, it is best to start node.js through the command line and proxy the request to port 3000. Through the test, even if the application pool identity is “ApplicationPoolIdentity”, it can work.
Related
I have azure virtual machine, hosted angular application which is having NodeJs as a backend.
Sometimes it is throwing 502 exception.
If we refresh the page and try to hit the api then we get response. But, sometimes it throws 502 and tells nothing other than this. We tried capturing IIS logs, there also no info about this exception.
Please help me to resolve this issue.
It is Server Side Problem. Kindly check the proxy or ip you're hitting. 502 Bad Gateway Error, which indicates that a server somewhere within the server stack — specifically, one which is acting as a gateway or proxy itself — received an invalid response from a different server.
After using deploying my .NET Core 2.1 App to my server, I get the following error when I access the page:
HTTP Error 502.5 - Process Failure
Following Microsoft's always helpful link on the same page (cough cough), I checked the Event View Log and it states:
Application 'MACHINE/WEBROOT/APPHOST/BLAH.COM' with physical root
'D:\inetpub\vhosts\BLAH.com\httpdocs\' failed to start process with
commandline 'dotnet .\blah.dll', ErrorCode = '0x80070002 : 0.
The message was not only unhelpful, but completely irrelevant. I tried to enable the web app's logging in web.config:
<aspNetCore requestTimeout="23:00:00" processPath="dotnet" arguments=".\blah.dll" forwardWindowsAuthToken="false" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" startupTimeLimit="3600" />
Oddly, no files were created in the Log directory until I granted permission to my IWPD process. The files it created weren't in the stdout directory as specified, but were in the parent log directory. They also were empty.
I ran the web app from the command line using:
dotnet .\blah.dll
The application appeared to run and I could see some messages on the screen, but I still got the same 502.2 error accessing the site with no additional information in the logs. I followed the troubleshooting steps for ASP.NET Core 2.1 and it mentioned this:
If the errors occur when making a request to the app, make a request
to the host and port where Kestrel listens. Using the default host and
post, make a request to http://localhost:5000/. If the app responds
normally at the Kestrel endpoint address, the problem is more likely
related to the reverse proxy configuration and less likely within the
app.
I ran the web app from the command line and tried to access it using http://localhost:5000. I was finally able to access the site, but I still got the same 502.2 error via IIS.
It's obvious IIS and Kestrel are not communicating with each other. I don't understand why there's two web servers and how to get them to communicate with each other.
Solved the problem. The installer for the server's IIS module doesn't restart or warn the user to restart IIS. Restarting IIS loaded the necessary module. Clearly, this is a bug by any other name.
We've been able to successfully, automatically, deploy our MVC and WebApi to IIS7.5 on Win2008 R2, for some time now. Just this week the MSDeploy stopped working. The System event log shows this error when attempting to restart the Web Management Service on the targeted Win200 R2 server:
The Web Management Service service terminated with service-specific
error %%-2147483640.
The Application log shows this error at the same exact time the above error occurs.
IISWMSVC_STARTUP_UNABLE_TO_ACTIVATE_HWC
Failed to activate the Hostable Web Core (HWC). Web Management Service startup failed. Please reference the Win32 error in this
event for further information.
Exception:System.Runtime.InteropServices.COMException (0x8007007F):
The specified procedure could not be found. (Exception from HRESULT:
0x8007007F) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at
Microsoft.Web.Management.Server.WebServer.Microsoft.Web.Management.Server.Interop.IWebServer.Start()
Process:WMSvc User=NT AUTHORITY\LOCAL SERVICE
The above error is preceded by this warning:
A listener channel for protocol 'http' in worker process '7164' serving application pool 'WMSvcAppPool' reported a listener channel
failure. The data field contains the error number.
Which is preceded by this error:
Failed to find the RegisterModule entrypoint in the module DLL C:\Windows\Microsoft.NET\Framework64\v4.0.30319\webengine.dll. The
data is the error.
We've attempted to reach the target server using https://ourservername:8172/MsDeploy.axd. The response is:
Error 102 (net::ERR_CONNECTION_REFUSED): The server refused the
connection
Is this occurring because the port is blocked or because the Web Management Service is not running? (The Windows Firewall with Advanced Security dialog says the "Windows Firewall is off" and there are no entries in the firewall log (C:\Windows\System32\LogFiles\Firewall).
We've seen some posts that indicate the certificate may be the issue. Not sure how to actually tell if this is the case though. The CERT we have says it is valid thru 2029.
I resolved the problem on a cloned Win2012 VM by changing the SSL certificate which was set to the original host. I used the self-cert.
I've put this here as a potential answer as I didn't read the question far enough to see the SSL comment at the end ;) and although the fix took 30 seconds we spent at least 2 days trying everything else.
I have CCNET 1.8.5.0 installed on two build servers and I configured WebDashboard on one server to monitor both of them. But it leads to such bug: when user logs in to one of the servers, webdashboard shows him as being authorized on other server too (Logout button is showed instead of Login). But when it tries to access project on second server he gets usual error:
Request processing has failed on the remote server: Permission to execute 'ViewProject' has been denied.
How could I force webdashboard to separate authorization on every server?
this seems to be a bug :-(
there is no configuration to my knowledge that would bypass this problem for the moment.
I am running a service on Azure web sites using PHP. From times to times, the server completely stops responding with a 500 HTTP message. So far, I could get these relevant details on the error:
ModuleName: FastCgiModule
Notification: EXECUTE_REQUEST_HANDLER
HttpStatus: 500
HttpReason: Internal Server Error
HttpSubStatus: 0
ErrorCode: The specified network name is no longer available. (0x80070040)
ConfigExceptionInfo:
The only info I was able to find was that this might be a prevention of DoS attack when the server stops executing the scripts (for some limited time?). I solve this now by restarting the server which is not good at all.
As I am unable to find an exact cause of this, I am looking for a better solution than manual restarting or even a hint on how to debug the problem. Thanks