I have a site/application I would like to load in IIS. The root of the folders contains a web.config and index.asp. The sub folders are asp, scripts, styles, images.
I add Add Web site in IIS, define the physical path to the location of the index.asp, assign the IP address for host name I tried local host, IP, and leaving it blank. When I click on Browse Website I receive a HTTP 500 Internal Server Error. IIS is running and the Web Site is started in the Manage Website menu.
If I write a short index.html hello world page and set it as default document it displays ok. When I change default document back to index.asp I get the 500 error again.
Could someone give me a tip on how to proceed?
Here is my web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<identity impersonate="true" />
</system.web>
<system.webServer>
<defaultDocument>
<files>
<add value="index.asp" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
This is going to be a guess at best, since a 500 can mean anything without a sub-status code. It probably is due to configuration inheritance. index.asp is already in the default list of default documents at the server level. By adding index.asp, it may be causing a unique hey violation when the configuration inheritance is flattened into the effective configuration.
Suggestion:
Add a <clear /> element right above the <add value="index.asp" /> and try again. Otherwise, we will need to go get the sub status code of that 500 to get more information. The IIS log usually contains the sub status in the sc-substatus.
Resulting Configuration
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<identity impersonate="true" />
</system.web>
<system.webServer>
<defaultDocument>
<files>
<clear />
<add value="index.asp" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
If this works, then the reason it originally works with index.html because index.html is not in the default files list.
Additional Note
The other thing I can think of is that impersonation being enabled. If you are running the application pool in Integrated Pipeline mode, you'll need to turn off integrated mode configuration validation. More information can be found here: Integrated Pipeline mode configuration validation.
New Resulting Configuration
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<identity impersonate="true" />
</system.web>
<system.webServer>
<validation validateIntegratedModeConfiguration="False" />
<defaultDocument>
<files>
<clear />
<add value="index.asp" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
Related
I'm trying to use the Certify SSL Manager to configure SSL certificates from Let's Encrypt on my IIS server, but it fails during the check.
https://dev.mywebsite.com/.well-known/acme-challenge/configcheck/
This works:
https://dev.mywebsite.com/well-known/acme-challenge/configcheck
https://dev.mywebsite.com/.well-known/acme-challenge/test.txt
So I assumed it's the . before well-known. But the fact that test.txt works confuses me.
I've already configured the directory according to this discussion:
https://github.com/ebekker/ACMESharp/issues/15
I have a bunch of rewrite stuff in my web.config, but even if I remove that section completely, it still fails.
Perhaps check if the acme-challenge web.config contains a conflict within the handler section. Do so by opening IIS manager, find the acme-challenge folder en double click the handler mapping icon. In my case, this resulted in an error.
The problem I ran into with the default web.config in the acme-challenge folder was that the applicationhost.config contained:
<section name="handlers" overrideModeDefault="Deny" />
The handlers section in the acme-challenge web.config therefore was not allowed with the result that the challenge failed. In this case the solutions were:
Change applicationhost.config line to:
<section name="handlers" overrideModeDefault="Allow" />
Or ...
Remove the handlers setting from the web.config in acme-challenge folder.
The applicationhost.config can be found here: c:\windows\system32\inetsrv\config
The configcheck url is a file, not a directory. Make sure that file exists on disk (i.e. C:\inetpub\wwwroot\.well-known\acme-challenge\configcheck) in your webroot. Then try to load your links with this barebones web.config in your website root directory (if using ASP.NET):
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension="." mimeType="application/unknown" />
</staticContent>
</system.webServer>
</configuration>
If that works, try slowly adding back in your web.config sections including routes/rewrite until you figure out what's causing the problem.
If using ASP.NET Core with a wwwroot folder hosting your static files, you'll have to modify your config in Startup.cs instead:
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
string filepath = Path.Combine(Directory.GetCurrentDirectory(), #"wwwroot/.well-known");
app.UseStaticFiles(new StaticFileOptions()
{
FileProvider = new PhysicalFileProvider(filepath),
RequestPath = new PathString("/.well-known"),
ServeUnknownFileTypes = true
});
// ... your other startup code here
}
I had to modify the web.config as follow to fix the error:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension="*" mimeType="text/plain" />
</staticContent>
<handlers>
<clear />
<add name="StaticFile" path="*" verb="*" type=""
modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule"
scriptProcessor="" resourceType="Either" requireAccess="Read"
allowPathInfo="true" preCondition="" responseBufferLimit="4194304" />
</handlers>
</system.webServer>
</configuration>
Having an issue with restricting IP security.
I have made a web.config file and placed it in the folder I am trying to restrict see below:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<security>
<ipSecurity allowUnlisted="false" enableProxyMode="true" denyAction="Forbidden">
<clear />
<add ipAddress="123.456.789" allowed="true" />
</ipSecurity>
</security>
</system.webServer>
</configuration>
I have also adjusted the applicationHost.config to:
<section name="ipSecurity" overrideModeDefault="Allow" />
However when browsing to a file in that folder I get a 403.
I have restarted IIS and IP address is correct.
What am I missing?
Check the client IP (c-ip) in IIS logs and add that to ip - restrictions rules.
I'm trying to download the bootsrap fonts from a container I have in a site hosted by OK Hosting. I can download the font manually but when using it in a CSS on a page hosted in another server, it fails because cross site access is disabled.
I know OK Hosting uses IIS but they give you a web based control panel.
How do I enable cross site access?
Ok, you just have to add a file called web.config at the root of your site with the following:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
You might also need the following just below the Access-Control-Allow-Origin.
<add name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Content-Type" />
I'm trying to configure the default webpage for an IIS 7.5 website.
Request filtering is turned on. However .aspx pages are allowed, I've set default.aspx to be the default page for the website.
If I browse to localhost/default.aspx I get a webpage as expected.
IF I browse to localhost/ I get
HTTP Error 404.7 - Not Found
The request filtering module is configured to deny the file extension.
Any ideas?
It looks like the request filtering is actually filtering for a blank file name. Therefore you have to add this to the request filtering block in the web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="true">
<remove fileExtension="." />
<add fileExtension="." allowed="true" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration>
It's obvious now, but really I think its a massive gotcha.
More info: IIS 7 Not Serving Files - 404.7 Error
You can resolve by adding:
<requestFiltering>
<fileExtensions allowUnlisted="true">
<remove fileExtension="." />
<add fileExtension="." allowed="true" />
</fileExtensions>
</requestFiltering>
to your Web.Config file
You can resolve this by adding the file extension into the request filtering module of IIS.
Be sure to remove any PostBackURL="MyPage.aspx" from the button on the page. My guess is that when the postbackurl is included, IIS thinks its getting the page as a file. It rejects the .aspx file type by default. You can see this in the page error.
Bad: Creates a 404.7 (notice the PostBackURL)
<asp:FileUpload runat="server" ID="uplReplaceFile" ToolTip="Update this file" />
<asp:Button runat="server" PostBackUrl="MyPage.ascx" ID="bnHiddenFileUploadListener" OnClick="bnHiddenFileUploadListener_OnClick" />
Good: No error
<asp:FileUpload runat="server" ID="uplReplaceFile" ToolTip="Update this file" />
<asp:Button runat="server" ID="bnHiddenFileUploadListener" OnClick="bnHiddenFileUploadListener_OnClick" />
I would like to set up rules in IIS7 for static content caching in my ASP.NET website.
I have seen these articles, which details how to do it using the <clientCache /> element in web.config:
Client Cache <clientCache> (IIS.NET)
Add Expires or Cache Control Header to static content in IIS (Stack Overflow)
However, this setting appears to apply globally to all static content. Is there a way to do this just for certain directories or extensions?
For example, I may have two directories which need separate cache settings:
/static/images
/content/pdfs
Is it possible to set up rules for sending cache headers (max-age, expires, etc) based on extensions and folder paths?
Please note, I must be able to do this via web.config because I don't have access to the IIS console.
You can set specific cache-headers for a whole folder in either your root web.config:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<!-- Note the use of the 'location' tag to specify which
folder this applies to-->
<location path="images">
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="00:00:15" />
</staticContent>
</system.webServer>
</location>
</configuration>
Or you can specify these in a web.config file in the content folder:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="00:00:15" />
</staticContent>
</system.webServer>
</configuration>
I'm not aware of a built in mechanism to target specific file types.
You can do it on a per file basis. Use the path attribute to include the filename
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<location path="YourFileNameHere.xml">
<system.webServer>
<staticContent>
<clientCache cacheControlMode="DisableCache" />
</staticContent>
</system.webServer>
</location>
</configuration>
I had the same issue.For me the problem was how to configure a cache limit to images.And i came across this site which gave some insights to the procedure on how the issue can be handled.Hope it will be helpful for you too
Link:[https://varvy.com/pagespeed/cache-control.html]