I have a website hosted in IIS (site.domain.com) and a web application hosted under it (site.domain.com/app). when trying to access site.domain.com/app it gives missing Configuration Error - Could not load file or assembly from the main website web.config!!
Why accessing the web application goes through the main website!! it should be a separate entity.
The idea is to use the main website as a login page then having links to open the web applications under it.
The reason behind the issue is Child application is inheriting Parent applications web.config file.
To avoid this inheritance of web.config file put below code in child application:
<location path="." inheritInChildApplications="false">
<system.web>
...
</system.web>
</location>
or
for iis 7 and above:
<location path="." inheritInChildApplications="false">
<system.webServer>
<!-- ... -->
</system.webServer>
</location>
Related
I have added the apple-app-site-association file to the root of a website, but IIS is not delivering the file.
What is the best way to make the server serve this specific file without a file extension? Is there a way within a web.config to explicitly say "serve this file"?
I was having the same issue and found this amazing post:
Serving apple-app-site-association from IIS
IIS only serves files of known types, defined by their file extension. Since apple-app-site-association doesn’t include a file extention, IIS throws a 404 error, when I try to open it with a browser. I fixed this by adding a mimeMap in the web.config file:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<staticContent>
<!-- required for apple-app-site-association: -->
<mimeMap fileExtension="." mimeType="application/json" />
</staticContent>
</system.webServer>
</configuration>
Not my preferred solution, but in leu of DeyaEldeen's comment, the way I met many of our needs was to use the meta tag approach instead (within the <head> tag of the page):
<meta name="apple-itunes-app" content="app-id=5555555555">
This makes is so that whenever any users on iOS browse to the site, they are presented with a "view in app store" popup at the top of the page. Once they press on the popup, they get directed to the app store.
See Apple's docs for Smart App Banners.
Hopefully this helps some people with similar needs.
As explained by this answer, for security reasons, IIS only serves known file types, and uses the file extension to infer the file type. You can declare a file type for extension-less files, allowing to serve them.
But this causes the server to serve any extension-less file, which could cause unexpected files to get served to anyone, including robots probing for sensitive files incorrectly protected.
The solution explained by previously linked answer can be restricted to only that apple file. Better restrict it. Use a location node for this.
By the way, consider adjusting the caching policy for this file, if your default one is not suitable, especially if your server is behind a CDN.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
...
<location path="apple-app-site-association">
<system.webServer>
<staticContent>
<mimeMap fileExtension="." mimeType="application/json" />
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="08:00:00" cacheControlCustom="public" />
</staticContent>
</system.webServer>
</location>
...
</configuration>
Why
For security reasons, IIS cannot allow browsing any file. Imaging, for example, web.config.
How to
The quickest way is to add the file type to the known types by its extension:
Open IIS Manager -> Sites -> Your Web Site -> MIME TYPES -> Add...
File name extension=.
MIME type=application/json
-> OK
Now it works.
I need to add a location element in my web.config file, but the path starts with a dot (and I don't think I can change that path, it's for letsencrypt automation).
If I let the dot, like in <location path=".well-known/acme-challenge"></location>, the site doesn't start at all (I think the web.config file is not parsed at all because I get the page asking me to configure customErrors, but it is already configured and usually works fine)
If I remove the dot, like in <location path="well-known/acme-challenge"></location> the web.config file is correctly loaded, but of course that doesn't help me to configure anything at the location I wish.
The final goal is to disable basic authentication (which I need for the rest of the site) on this path only ; I don't even know if I'll be able to set this up in a <location> element.
I had a similar problem where I had a ASP.NET Forms site that was forcing authentication on all pages.
To expand on the accepted answer, here is the exact web.config I put in the /.well-known folder (NOT the /.well-known/acme-challenge folder):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<!-- This will stop any redirects you have at the higher level -->
<httpRedirect enabled="false" />
<!-- This will stop any integrated mode settings you have at the higher level -->
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
<!-- This will allow unauthenticated users to acme-challenge subfolder -->
<location path="acme-challenge">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>
After adding this file, I was able to use EcdsaAcmeNet to use Lets Encrypt with the site in IIS.
As suggested by Ondrej Svedjdar in comments, the solution is so simple I didn't think about it.
Just add another web.config file in the folder where you need it.
I want to import virtual directory setting via file in IIS 8.5, but cannot find an option to do so. In IIS 6 you can:
Right click on the site -> New -> Virtual Directory (From File)
I do not see this option in IIS 8.5, only an option to 'Add Virtual Directory...'
Google is not helping today. Does anyone know how this can be accomplished?
I was not able to find a way to do this similar to how you can in IIS 6, maybe there is a powershell command...
However, I did find a way to add sites via the applicationHost.config file, which is usually located at: C:\Windows\System32\inetsrv\config. (be sure to make a back up of the file in case you make a booboo).
Since I have similar sites and apps, it is was easy to copy and paste, and modify the necessary fields.
You can add sites and app pools in the section:
<system.applicationHost>
App Pools:
<applicationPools>
...
Sites:
<sites>
If you have applications under a site then there has to be a corresponding location node:
<location path="Default Web Site/yoursiteapp">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
<access sslFlags="None" />
</security>
</system.webServer>
</location>
How is it possible to change the script timeout on a windows azure website?
Given that you are not referring a specific language I assume it is ASP.NET. Either way, you have to change your web.config file and set the httpRuntime's executionTimeout attribute to a desired value in seconds:
<httpRuntime executionTimeout="300" />
If you are not coding in ASP.NET, just login to your web site with FTP, navigate to the site's root folder, open the web.config file and edit it. It must look something like (just a little more bloated):
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<system.web>
<httpRuntime executionTimeout="300" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
</configuration>
If there isn't file named web.config just create an XML file with the content above, name it web.config and place it in your site's root folder. That should do the trick for you.
Our site's favicon.ico file hasn't changed in years - and isn't going to change any time soon - so I'd like to configure IIS to serve it with a far-future cache expiry header. The rest of the content in the root folder of my site is dynamic pages that shouldn't be cached - but as far as I can tell, IIS only allows you to set content expiry cache on a per-folder basis - so is there any way to set a cache header for favicon.ico without affecting the rest of the content in the home directory as well?
Yep - drill down to the file.
In IIS Manager (on IIS6), navigate to the file, right click, properties, HTTP Headers tab, check Enable Content Expiration; party on with the other settings.
Kudos to Dylan (below) for IIS7 instructions and this snippet.
This creates the following section in web.config, so you can probably achieve the same thing just by editing the file directly.
<configuration>
<location path="favicon.ico">
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="90.00:00:00" />
</staticContent>
</system.webServer>
</location>
</configuration>