IIS Express showing Forbidden when accessed from VM - iis

I've got various websites on my local machine, and I'm trying to test a client within a VM that needs to access one of the sites. I've added a line to the VM's hosts file that makes localhost point to the Host IP Address.
All of the sites are on https with a certificate assigned to localhost and signed by a CA that's trusted by the VM.
The VM can access all of the sites, apart from one that's running on IIS Express. For the one that's running on IIS Express, I can access it fine with the IP Address or another hostname, but with localhost it comes back as forbidden.
I also put another line in the hosts file that points another domain at the same ip address as localhost, and that worked as well.
So on the VM:
https://localhost/Site1 works, points to another site running on regular IIS
https://localhost:44134 doesn't work, 403 Forbidden, points to IIS Express
https://10.0.11.10:44134 works, points to IIS Express
https://machinename:44134 works, points to IIS Express
https://different.domain.com:44134 works, points to IIS Express
I've checked the binding in IIS Express and it's like this, which I believe is correct:
<binding protocol="https" bindingInformation="*:44314:" />
And the urlacl is this, which I think is correct also:
Reserved URL : https://*:44314/
User: \Everyone
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;WD)
Is there something special with localhost? The VM is running Windows 7.
Edit:
I've created a new Asp.net MVC app that runs on http (so not using https this time) and port 57811.
http://localhost:57811 doesn't work, 403 Forbidden, points to IIS Express
http://10.0.11.10:57811 works, points to IIS Express
http://machinename:57811 works, points to IIS Express
http://different.domain.com:57811 works, points to IIS Express
So the issue is nothing to do with https, or the specific site.

Related

IIS Returning 400 Error

I am checking accessing an IIS on a local system. When I deploy an application to the server and check locally using localhost and local IP it works fine. When I open the port it is listening on via my router and try to access via the router IP it always returns a 400 error. The router has been configured to forward the call the the system IS is on. I can test the port with a port checker and it is showing as being open. I read messages that indicated that the header may not be present and would cause this type of error if multiple app are deployed. I tried to put headers on the apps but no difference. I then cleared all the apps except the original one that comes with IIS. But still cannot access the app. Can someone indicate what I'm missing with the IIS configuration (as I'm feeling it must be IIS related).

IIS 7.5 difference when querying css item from localhost and externally

After 4 hours of looking through stack overflow and searching Google I've finally decided to go check in with the "hopefully" gurus...
My problem is this, when querying from the local machine through remote desktop, querying for www.domainname.com/Content/Styles/reset.css i get the css fine.
When doing the same from an external machine, I get a 404 error... I know why, the reason is that it's trying to get the file from:
C:\inetpub\wwwroot\Content\Styles\reset.css
This is kind of bad considering that the website is actually hosted at: c:\http\www.domainname.com\
The error in the browser, from IIS, gives the following information:
Module IIS Web Core
Notification MapRequestHandler
Handler StaticFile
Error Code 0x80070002
Requested URL http://www.domainname.com:80/Content/Styles/reset.css
Physical Path C:\inetpub\wwwroot\Content\Styles\reset.css
Logon Method Anonymous
Logon User Anonymous
I've been looking at the other sites running on the IIS, and none of them point to InetPub as their directory, so I simply can't see why it's trying to get the item from this path.
Calling the main application, a MVC based site running Umbraco, works fine, or rather, all the dynamic content works fine, just not static content.
To give a little more information:
Currently the IIS 7.5 has 4 sites and 1 ftp server running.
1 site with the following bindings:
http - this 1st site host name - port 80 - ip address *
https - blank host name - port 443 - ip address *
1 site with the following bindings:
http - the 2nd site host name - port 80 - ip address *
1 domain with the following bindings:
http - the 3rd site host name - port 80 - ip address *
The actual domain
http - www.domainname.com - port 80 - ip address *
And finally a ftp server
I hope that someone have any idea what is going on...
Best regards and praying (despite being an atheist),
Poul
Could it be that the Static File Handler is not included for your website?
Check for your website if the Handler Mappings contains Static File as Handler. ( preferrably at the bottom of the list)
Update:
Is there a physical folder under wwwroot called content\styles? or a folder www.domainname.com for that matter?
Did you look at logs from IIS for the application pool of this website
--> C:\inetpub\logs\LogFiles\W3SVCxx (xx = number assigned to your app pool) I forgot how to find that on ( usually I quickly check the couple of folders here.
Maybe it's a security problem -> do you see events in the security eventlogger.
So I found the problem...
It turns out to be a Proxy issue... As this is a new site, the DNS wasn't set up yet and we were using the HOSTS file.
Unfortunately in Bangkok when using a Cable connection, True (the largest ISP) forces you to use a Proxy, without telling you...
Now the DNS was actually pointing to another IIS server...
When I made my request, asking for a file on domain name X.. My machine looked up the IP address through my HOSTS file, sent the request, the proxy then also did a DNS lookup, but got another IP address, and forwarded the request to this IP address instead.
The IIS on that server, knew the IP, knew the domain name, but had another configuration and didn't know the file we were asking for (for the new website)...
So indeed there is a logical explanation for everything, just not always an obvious one.
I actually got onto the problem by testing with another domain, one that didn't exist at all, on this one the proxy of course could not look it up, and started returning code 324.

How to configure ARR - Application Request Routing - to run both as web server applications and as as a reversed proxy?

I have this IIS7.5 with ARR installed on and configured as a reverse proxy to another server which is running IIS7.
On this IIS7.5 I have ASP.NET 4 applications and simple websites installed.
Since configuring a farm on this IIS7.5 running it as a reversed proxy, the local application doesn't run with this error message:
502 - Web server received an invalid response while acting as a gateway or proxy server.
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
Will it be possible to run both local application and routing (reverse proxy) on this IIS7.5 at the same time or should I give up and move the applications to other servers?
Application request routing operates as a server-wide URL-rewriter.
This means that it captures all traffic coming to a box.
You can still host an IIS website on the same box, but you need to make sure that ARR leaves the requests for this site alone.
I set this up so that the ARR rule, while still remaining a wildcard *, I make sure that part of the match conditions is for requests to my local site to be left alone.
There are a number of conditions you can use to create a does not match rule.
Ive used:
{HTTP_HOSTNAME} if you are just doing HTTP requests and just want certain domain names to be left alone.
{SERVER_PORT} if you're hosting an SSL site and are the only one on the box.
{LOCAL_ADDR} if your site sits on a dedicated IP address.
many more.... really you just need to set up rules that exclude your locally hosted website.

How to configure Application Request Routing in IIS 7.0 for 2 applications running locally on different ports?

I've got 2 applications running on my local machine. One sharepoint and another IIS application:
localhost:43442
localhost:5080
I've installed ARR and need to configure it to run these 2 apps on a host and port but when adding a new server, it only accepts a server name rather than its port as well.
Any help?
For me, I needed to add a server to my server farm, called localhost. Clicking Advanced Settings... lets you specify the http and https ports. Set those to the ports that you would like your domain proxied to.
After that, create an inbound rule for URL Rewrite that matches the HTTP_HOST condition with a pattern of your website domain that the server is acting as a proxy for. Select Route to Server Farm for the action and select the specified server farm.
I added a new Inbound Rule and it worked :)

How can I access a website configured with host headers in IIS on the local machine?

When using host headers to host multiple websites on the same IP address in IIS, is there any way of accessing that website from a browser running on the local machine?
This is normally required when a given web component only allows configuration from the local machine. It's also useful when things like ASP.Net's built in error handling isn't working and you can only view the error in the browser but don't want to allow remote users to see it.
This has baffled me for a while and everytime I come across it I end up giving up in frustration and reconfigure stuff so I can accomplish such tasks remotely.
Added: #Ishmaeel - modifying hosts doesn't seem to help - you either get a 400 error (if all websites have host headers) or whichever site is configured without a host header.
Just an idea: Mapping the hostname to 127.0.0.1 in the hosts ($WINDOWS$\system32\drivers\etc) file may help. This way you should be able to pull up the local IIS site by typing the hostname as if it's a remote server
Maybe I am not understanding the question, but what's wrong with just typing in the URL for the website? If it's the matter of domain name resolution, you can point to the right DNS or put it in hosts file.
eed3si9n -- if you are trying to access a url locally and you use host headers you cant just type in the url: for example you have 2 websites (website1.com website2.com) on 1 server using host headers. the local ip of the web server is 192.168.1.50 --> if you type in 192.168.1.50 you will get a 'page cannot found'. if you put in the url website1.com or website2.com you will be accessing the sites from the outside (not locally).
so the problem is how to access the sites locally not from the outside -- for example i need this ability so that i can access locally as the test sites are only available locally. not from the outside...
You can try telnetting to the server.
$ telnet localhost 80
(type these lines manually)
GET / HTTP/1.1
Host: www.example.com
(exchange www.example.com for the host name your server is mapped to)
I would assume the only way you can do this is assigning a custom port to the specific website you want to monitor and just access it as "localhost:CustomPort".

Resources