I just added a CFwheels site to my IIS 8 and instead of going to the actual page is showing the directory structure on the browser. Any hints on what I should check?
Geo,
Your problem is the default document settings as Anit has suggested. In the IIS8 control pannel look for a cpl called "default document". It will show a list of documents that are served by "Default" so that when you navigate to something.com/home it actually serves up something.com/home/index.cfm (as an example).
Make sure you add your desired default document to the list. You can aslo do this in the web.config file:
<configuration>
<system.webServer>
<defaultDocument enabled="true">
<files>
<add value="index.cfm" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
You are correct I think that if it is an Adobe AMI it should have such a setting by default - but perhaps you are not using a standard default doc.
You probably want to disable directory browsing as well - that's also a cpl I think.
Related
I need to add a location element in my web.config file, but the path starts with a dot (and I don't think I can change that path, it's for letsencrypt automation).
If I let the dot, like in <location path=".well-known/acme-challenge"></location>, the site doesn't start at all (I think the web.config file is not parsed at all because I get the page asking me to configure customErrors, but it is already configured and usually works fine)
If I remove the dot, like in <location path="well-known/acme-challenge"></location> the web.config file is correctly loaded, but of course that doesn't help me to configure anything at the location I wish.
The final goal is to disable basic authentication (which I need for the rest of the site) on this path only ; I don't even know if I'll be able to set this up in a <location> element.
I had a similar problem where I had a ASP.NET Forms site that was forcing authentication on all pages.
To expand on the accepted answer, here is the exact web.config I put in the /.well-known folder (NOT the /.well-known/acme-challenge folder):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<!-- This will stop any redirects you have at the higher level -->
<httpRedirect enabled="false" />
<!-- This will stop any integrated mode settings you have at the higher level -->
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
<!-- This will allow unauthenticated users to acme-challenge subfolder -->
<location path="acme-challenge">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
</configuration>
After adding this file, I was able to use EcdsaAcmeNet to use Lets Encrypt with the site in IIS.
As suggested by Ondrej Svedjdar in comments, the solution is so simple I didn't think about it.
Just add another web.config file in the folder where you need it.
I want to create a default document called default and in that document I want it to rewrite the URL so instead of going www.bob.com it should instead go to www.bob.com/uv
Right now this is being done through URL rewrite rules, with patterns and all kinds of complications. I saw this done directly in the default document once, I cant remember if it was default.htm or .html or .aspx, using one line of code and I was very intrigued but I have not found it since then and no good examples have come up in my google searching. Does anyone have a link or could write the single line of code to add \uv to the url? Is there a really good example of it anywhere?
You can add which ever default page you want from IIS Manager -> -> Default Document - > Add (on right side) or by adding below in your web.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<add value="default.aspx" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
However this is a rewrite i.e. this will load default.aspx when you browse www.bob.com (URL remains same but the page is actually loaded).
If you want to actually change the URL (redirect) then with the same configuration above this below line in default.aspx
<%Response.Redirect("home.aspx")%>
I have just installed the IIS so I can view asp files in a browser but when I put the address in a browser as : http://localhost/index.asp I get an error.
The error shows this:
HTTP Error 401.3 - Unauthorized
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
I really need to get this sorted out, I would highly appreciate any advice on this.
My issue was around the identity used in the app pool. I changed the site's Authentication to "Application pool identity" as well as giving the directory the appropriate permissions.
OK, working from memory here as I am not in front of a Windows machine.
If you right click on your webroot folder /inetpub/wwwroot/ or the website directory you are working on open properties and select security, I think it is, you will see the list of users with their permissions for that folder. There is a section to add new users where you can add the IIS_IUSRS account (search from the list of users if you need to) which will be the default user used when anonymous authentication is enabled. Give this account the relevant permissions (read, write, execute) ensuring you apply to file and subfolders. Refresh the website in IIS and you should hopefully be good to go.
I had one folder not working (extracted from a zip file which came from an email from some kind of MS Sharepointy thing. Or something). The files were all marked with Windows Explorer -> Right Click -> Properties -> Advanced -> Encrypt contents to secure data. Unticking cured it.
In my case I had created an application in IIS 7 on Windows 7 using "Add Application" on the Default Web Site. I had to add the "users" account from the local machine and that got rid of the permissions error.
I had this happen to me and what I needed to do was apparently add a web.config file. Doesn't matter that it was just a PHP site, and that "Everyone" had full control. Until there was a basic Web.config - NO DICE!
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers accessPolicy="Read, Execute, Script" />
<defaultDocument>
<files>
<clear />
<add value="index.php" />
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
</system.webServer>
</configuration>
Here, the set up process is explained in detail. You can follow the steps.
http://coldfusion-tip.blogspot.com/2013/10/you-do-not-have-permission-to-view-this.html
Our site's favicon.ico file hasn't changed in years - and isn't going to change any time soon - so I'd like to configure IIS to serve it with a far-future cache expiry header. The rest of the content in the root folder of my site is dynamic pages that shouldn't be cached - but as far as I can tell, IIS only allows you to set content expiry cache on a per-folder basis - so is there any way to set a cache header for favicon.ico without affecting the rest of the content in the home directory as well?
Yep - drill down to the file.
In IIS Manager (on IIS6), navigate to the file, right click, properties, HTTP Headers tab, check Enable Content Expiration; party on with the other settings.
Kudos to Dylan (below) for IIS7 instructions and this snippet.
This creates the following section in web.config, so you can probably achieve the same thing just by editing the file directly.
<configuration>
<location path="favicon.ico">
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="90.00:00:00" />
</staticContent>
</system.webServer>
</location>
</configuration>
I have a web service that contains 2 asmx files (public.asmx and private.asmx). On IIS6 I could go to the properties of private.asmx then, from the 'File Security' tab, deny all computers access except the IP address for localhost.
In IIS7 I only seem to be able to do this for an entire folder. What am I missing?
Funny - I found this question because I have the same problem, but I think the solution is as follows:
In IIS7, browse to the directory containing your public.asmx and private.asmx files.
The title at the top will reflect the current directory, like "WebService Home". Click the "Content View" button at the bottom.
Right-click on your public.asmx file and choose "Switch to Features View".
The title should be "public.asmx Home" to confirm that you're managing the one file.
Add your IP restrictions. In this case, I think you want an Allow entry for 127.0.0.1 and choose "Edit Feature Settings" from the Action menu to Deny access to unspecified clients.
Click your containing folder again (e.g. WebService) and switch to Content View again to repeat these steps on private.asmx.
I am learning the ropes of IIS7 myself, but I hope this answers your question.
Found this question via Google and was looking for how to do it via the .config file but could not find that answer here. I've since tracked down the info:
The ipSecurity element is used by the web.config in IIS7 to restrict access by IP Address. You can use it like this:
<configuration>
<location path="private.asmx">
<system.webServer>
<security>
<ipSecurity>
<add ipAddress="192.168.100.1" />
<add ipAddress="169.254.0.0" subnetMask="255.255.0.0" />
</ipSecurity>
</security>
</system.webServer>
</location>
</configuration>
Update: Note that the role has to be added for this security to be enabled. See the ipSecurity article linked above.