I have PHP application that I develop on my local Server 2008 dev server, I then push this to my live site on Azure Cloud Services. This all works fine. In one of my sub folders I have a web.config file with the following in it:
<configuration>
<system.webServer>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
</authorization>
</security>
</system.webServer>
If I attempt to go in to that folder, or view any file in a browser on my dev server I receive the message:
401 - Unauthorized: Access is denied due to invalid credentials.
Which is great!.. If I attempt to go to a file in that folder on my live site, it displays the file just fine. It is completely ignoring the web.config file. I have connected to the running cloud instance of my live site, and can see the web.config file in there.
Why is it being ignored on Azure, but working fine on my dev site?
In case anyone else has the same issue, you need to add a location element to your root web.config/web.cloud.config. It needs to be directly within the configuration element like so:
<configuration>
.....
.....
<location path="--folder or file--">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
</configuration>
Related
I have created a webAPI using .Net Core and trying to publish it to IIS. But getting HTTP 500.19.
It's looking for web.config file but I don't have it.
What should I do?
Did you installed this: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/iis/?tabs=aspnetcore2x&view=aspnetcore-3.1
If Yes check your permissions on the folder. The identity under which your web application runs in IIS may has not full access to the folder in which the web.config file is found. You could change your identity under the appPool or grant access to your folder. If you deployed into the wwwroot folder the IUser should have access to the folder.
When you publish your .net core in IIS please remember to install .net core web hosting bundle because it is not supported by default. IIS handle request based on different handlers. Even when you install the extension, aspnet core module is not registered. So please remember to set
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" requireAccess="Script" />
</handlers>
<aspNetCore processPath=".\myapp.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="InProcess" />
</system.webServer>
</location>
</configuration>
If the solution doesn't fix this. Then something in your web.config is corrupting the application. Please post a screenshot the detailed error message. Then we would know how to fix this completely.
I have a website hosted in IIS using windows authentication. It works fine.
But if I host it as a web application unter a website, windows authentication doesn't work and the authentication window shows and then doesn't go away even if I put in the correct user name and password.
The SPN, delegation and IIS settings should be correct, otherwise the website won't work. Only if I deploy it as web application, windows authentication stoped working. Any idea?
Thanks for the reply, the sub status code is 401.1 and here the web.config file on the application level
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\DataService.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
</system.webServer>
</location>
<system.web>
<authentication mode="Windows" />
</system.web>
</configuration>
I finally found the solution.After enabling ASP.Net Impersonation on the web application, it works.Seems like, the web application needs impersonation to get the kerberos ticket from the website.
I'm getting the following message when trying to save edits to rootweb.config:
Could not write to local resource 'D:\local\Config\rootweb.config' due
to error 'Access to the path 'D:\local\Config\rootweb.config' is
denied.'.
I'm trying to add the following to the file's default configuration after uploading my PHP project (my PHP project didn't include a web.config file):
<system.webServer>
<security>
<ipSecurity allowUnlisted="false" denyAction="NotFound">
<add allowed="true" ipAddress="<ip-address>" />
<!--add allowed="true" ipAddress="<ip-address>" /-->
</ipSecurity>
</security>
</system.webServer>
Is this file supposed to be editable, or do I need to include my own web.config?
Based on another Stack Overflow post I believe you just want to make a web.config and put it in the folder of your php app. You can not edit the configs in that folder you tried to access. You can modify the applicationHost.config via a site extension with a transform. I have experience doing that.
Windows Azure and web.config doesn't run with PHP web site
About Site extensions:
https://github.com/projectkudu/kudu/wiki/Azure-Site-Extensions
I've setup ELMAH on a asp.net mvc 3 site with the correct configuration detailed on another SO question here. Everything works great on my local virtual dev IIS server but when I deploy to an IIS server when I try to go to /Admin/Elmah.axd I get the standard IIS "404 - File or directory not found.". Is there an IIS setting I'm missing?
<location path="admin">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
You have got to add the httphandler to the System.Webserver part of the web.config so that IIS routes it:
<system.webServer>
<handlers>
<add verb="POST,GET,HEAD" path="admin/elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" name="Elmah"/>
</handlers>
</system.webServer>
I fixed the problem by installing the asp.net mvc elmah controller. You can find it here.
We're having trouble getting Forms Authentication to work with a virtual directory in IIS.
We have a main site, and then a microsite setup within a virtual directory. This mircosite has its own admin system within an "Admin" folder, which has authentication on it but currently it is not kicking in and the admin section is browsable by anyone.
The web.config with the admin folder has the following:
<?xml version="1.0"?>
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
<customErrors mode="RemoteOnly" defaultRedirect="~/Admin/Error.aspx"/>
</system.web>
</configuration>
Could anyone give me any clues as to why this might not be working?
Cheers!
What happens if you set this in the web.config at the root of your site instead:
<location path="MicroSite/Admin">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>