I have the simplist of web.config files and it works fine locally but on Windows Azure webs it doesnt show detailed errors ? Do they have them disabled on their services.
You cant get much simpler than this
<?xml version="1.0"?>
<configuration>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="false" targetFramework="4.0"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
-->
<customErrors mode="Off"/>
</system.web>
</configuration>
But yet I still get the yellow screen of death
Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
This is most probably due to config file transformation that happens when you create and deploy package on Azure. Check you web.config file related to build configuration used for Azure deployment (mostly it is 'web.release.config') in your web project. There may be config transformation that are setting customErrors to value other than Off
Related
I have inherited the occasional duties for updating my agency website. The website is a very basic, static HTML site that runs on Azure. Only gets updated with new PDF documents. A few weeks ago I got notified by some security people wanting the website to NOT display a yellow screen of death and instead only show a generic 500 status page. The yellow screen of death says that the web.config file can be modified to do this. OK, fine by me.
After looking it appears I don't have a web.config file so I created one but when I copy it via FTP to my Azure account it immediately kills the website. After looking in the error logs in Azure I see that there is a "500.19 error; configuration section 'customerrors' cannot be read be read...missing a section declaration".
Here is my web.config file:
<?xml version="1.0"?>
<configuration>
<system.web>
<customerrors mode="off" />
</system.web>
</configuration>
Any ideas on what is going on? Thanks!
To handle 500 errors, aka Yellow Screens of Death, the following is added to the web.config, again shown as a config transformation.
<?xml version="1.0" encoding="utf-8"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="500.aspx" redirectMode="ResponseRewrite" xdt:Transform="SetAttributes">
<error statusCode="500" redirect="500.aspx" xdt:Transform="Insert" />
</customErrors>
</system.web>
</configuration>
The 500.aspx page added to the site root contains the following markup at the top of the file:
<%
Response.StatusCode = 500;
Response.TrySkipIisCustomErrors = true;
%>
Note: This is not ideal for a multi-site environment where the 500 page should be site-specific. To account for this, add logic to the 500.aspx page to transfer requests appropriately given the hostName requested.
For more details, you could refer to this article.
Running ColdFusion 11 (Update 7) and IIS 7.5
My site application/root level web.config:
<configuration>
<system.webServer>
<httpErrors errorMode="Custom" />
</system.webServer>
</configuration>
My nested web.config file, which sits inside /api/eb :
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
</system.webServer>
</configuration>
When I visit a page that sits within the /api/eb sub-directory (e.g. 401.cfm) and trigger a 401 status code the server will return the Custom error handler response. My interpretation from the docs is that the nested web.config file should override the root web.config file but it clearly is not.
I've checked within the IIS applicationhost file and httpErrors overrideModeDefault is set to true. I also tried using a location tag within my root web.config file to do the same thing but it is also ignored unless I set the path to the wildcard character.
I'm out of ideas. Your help will be greatly appreciated. Thank you in advance.
I found this article which seems to explain your question pretty well - How to Use HTTP Detailed Errors in IIS 7.0
Specifically this excerpt:
Security Considerations
A word of caution: For architectural reasons, IIS can only execute the URL if it is located in the same Application Pool. Use the redirect feature to execute a Custom Error in a different Application Pool.
IIS can also return a 302 Redirect to the browser when a particular error occurs. Redirect is good if you have a server farm. For instance, you can redirect all your errors to a central location that you closely monitor.
There is risk however: responseMode="File" (which is the default) allows you to specify every file on the disk. This will not work if you are very security conscious.
A workable scenario might include only allowing the delegation of the errorMode setting. This enables a developer to receive Detailed Errors for his application even if he is using a remote client. All that is necessary is to set errorMode="Detailed". Here is how to configure this scenario:
Allow the delegation of the httpErrors section:
<section name="httpErrors" overrideModeDefault="Allow" />
Second, go to the section in applicationHost.config and change it so that only errorMode is delegated:
<httpErrors lockAllAttributesExcept="errorMode" lockElements="error">
<error statusCode="404" prefixLanguageFilePath="E:\inetpub\custerr" path="404.htm" />
<error statusCode="401" prefixLanguageFilePath="E:\inetpub\custerr" path="401.htm" />
<error statusCode="403" prefixLanguageFilePath="E:\inetpub\custerr" path="403.htm" />
<error statusCode="405" prefixLanguageFilePath="E:\inetpub\custerr" path="405.htm" />
<error statusCode="406" prefixLanguageFilePath="E:\inetpub\custerr" path="406.htm" />
<error statusCode="412" prefixLanguageFilePath="E:\inetpub\custerr" path="412.htm" />
<error statusCode="500" prefixLanguageFilePath="E:\inetpub\custerr" path="500.htm" />
<error statusCode="501" prefixLanguageFilePath="E:\inetpub\custerr" path="501.htm" />
<error statusCode="502" prefixLanguageFilePath="E:\inetpub\custerr" path="502.htm" />
</httpErrors>
Notice that the correct value for the overrideModeDefault attribute is Allow, not true as you mentioned in your question.
This article further explains the overrideModeDefault attribute - Understanding IIS 7.0 Configuration Delegation
Excerpt:
The overrideModeDefault attribute is an optional attribute that defines the locked state of a section. Its available values are either Allow or Deny. The default value is "Allow". All IIS sections that are related to any performance, security or critical aspect of the server are locked with this attribute set to "Deny". If the overrideModeDefault attribute is set to "Deny", then any configuration files at a lower level (i.e. web.config files) that set a value for a property for the specific configuration section are not able to take effect and override the global values. This incurs in a lock violation and an error occurs.
I have Sitecore as site root (which is running ok) and under it I need to have a bunch of asp.net applications running.
So far, created a virtual directory for the child application, turned it into an app. But as soon as I browse the child app it comes with this error message.
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: CS0246: The type or namespace name 'Sitecore' could not be found (are you missing a using directive or an assembly reference?)
Source Error:
Line 3264: </providers>
Line 3265: </roleManager>
Line 3266: <profile defaultProvider="sql" enabled="true" inherits="Sitecore.Security.UserProfile, Sitecore.Kernel">
Line 3267: <providers>
Line 3268: <clear/>
It seems that the child asp.net app is inheriting Sitecore settings which are coming from Sitecore web.config.
Any ideas?
This should be possible. You'll have to author a web.config for that non-Sitecore application in virtual directory, and overwrite the sections under <system.web> and <system.webserver> which reference Sitecore classes. This includes:
httpModules / httpHandlers (for these you should "remove all" and add those of that web app)
security section (put the default ASP.NET provider classes back)
in Sitecore main web.config add the path of this web app to IgnoreUrlPrefixes setting to let Sitecore know it should not handle requests to those
It might be something else, but you should get the general idea.
This answer is similar to Yan, but is different enough for a separate answer. Hope it helps.
Go into IIS and select the Child Application. Select Modules. Remove all the Sitecore related modules that are present. Don't worry, the parent Sitecore app will still retain these modules.
When you do this, you are actually changing the child app web.config, so you will see the elements removed in the web.config file like so.
<remove name="SitecoreConfigWatcher" />
<remove name="SitecoreHttpModule" />
You also may have to clear out some other inherited settings.
<profile enabled="false"><providers><clear/></providers></profile>
<roleManager enabled="false"><providers><clear /></providers></roleManager>
I have a Sharepoint site and today when I try to login to the site it gives me the following error
Server Error in '/' Application.
Runtime Error Description:
An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details:
To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
I've got to change this file:
You may also need edit the web.config in the layouts folder of the SharePoint root:
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\web.config
And set
<customErrors mode="Off" />
Change the following in web.config and you will be able to see the detailed error.
<customErrors mode="Off"/>
and
CallStack="true"
Make sure you do this in all the WFEs. You will see detailed error. Once you have the detail error, post it here and we will be able to helop you more.
Set the custom error mode to remote only in your web.config file and try browsing the site again. This time you will get the detailed error with the stack trace. You can proceed from there.
Restart your server then try... Because in my case during I install visual studio on my server system, i can't access my site and i got same error what you posted in above, after restarted my server its works fine. that's why i am saying like that...
What i thought is, actually that time the IIS was disturbed by some other installation program.
Hi I've got a site where I get the classic:
Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
The problem is that although I change CustomErrors to On I can't see the error, and the xml of the web.config is not malformed since I've tried inducing this error and IIS told me, so it must be something else, but what should I look for?
Edit
I Should mention, that I only get this error when I publish my site, web.config doesn't return an error locally, only when I upload to production. I can't even get an html page to display, it still returns the web config error to me
If your using a web.config then I am assuming that you have an ASP.Net application. The web.config stores configurational data for a .NET application. If you don't create an application within your virtual directory then you will see the error you are because there is no application for IIS to serve. This link should help.