on my IIS server, I create a web application and add two bindings:
1. http 80 binding for www.mydomain.com
2. https 443 binding for www.mydomain.com
I can only access , when I access http://www.mydomain.com, I got this problem:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
How can I solve this problem?
The first thing that came up in my mind is your ISP. Some ISPs block port 80 for incoming traffic couse they don't want their customers to have their own webite hosts at home.
Related
I have my own server with the domain abc.com. I want to load some other site e.g xyz.com when users visit my website abc.com. I don't want to load xyz.com in an iframe.
I know one website which is doing something like this. The purpose of doing this is to share account access with others without sharing the password.
You might want to use a Proxy Server, such as Nginx. It allows you to accept the requests to the domain abc.com and forward those requests to the domain xyz.com.
Reference to Nginx Proxy configuration is here.
I have recently switched my website from HTTP to HTTPS. For some external users, they do not have enough permissions to access via HTTPS and they still need to access via HTTP.
I want to keep both HTTP and HTTPS, but HTTP only for a specific group of users.
How to make this change in IIS 8?
Any ideas, please suggest.
You can try the following steps:
Step1: configure https.
Set IIS to work with HTTPS (http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/ )
Test HTTPS locally to make sure that it works.
In your firewall (to Internet), configure it so that it allows port 443 (https) to your IIS server.
This will allow ALL people to access your website using https, since we have not configured any restrictions.
Steps2: configure http.
Install WindowsAuthenticationModule if it is not already installed
In IIS Manager, click the website.
Double click Authentication in the middle pane
Select Windows Authentication and enable it
Select Anonymous Authentication and disable it.
Since the users on your local network is authenticated to AD, and the website is in their local zone, they should automatically authenticate and should not see the login box. People outside your network are not authenticated, hence should need to logon to access the website.
I have web server hosting a site with bindings to HTTP 80 and HTTPS 443.
Some user can't access the HTTPS site and get stuck in the credentials screen, This sames users can access the HTTP site without credentials issues.
I can access the HTTPS site using vpn(Home office), but can't connect to the HTTPS site from the pc in the office.
The authentication method for the site are:
Windows Authentication : Enabled
ASP Impersonation: Enabled
Other methods/options: Disabled
In the logs show this entries:
2021-07-16 21:03:37 111.111.111.111 GET / - 443 - 222.222.222 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/91.0.4472.124+Safari/537.36 - 401 2 5 102
Any advice
Thanks in advance
I have created few subdomains for my domain like api.example.com, dev.example.com and www.example.com. For every subdomain I created an virtualhost in Nginx.
But now the problem is when I visit a domain which does not exist it should be redirected to www.example.com. But this is not the exist instead I am getting an error page that the sub domain does not have an secure connection. Since I am using Let's Encrypt, I get this message all the time for sub domains which is incorrect. I contacted my DNS provider and they told me your settings are correct you have to correct your web server configuration. They added a CNAME.
Now I do not know how to add this in my nginx configuration.
So... you type the https ://incorrect.example.com in your browser?
If so, I think the problem cannot be solved.
In the article (https://community.letsencrypt.org/t/can-i-use-letsencrypt-in-more-than-one-subdomain/16588/8) they said
Let's Encrypt does not currently offer "wildcard" certificates. So you will need to be able to list all the domains you want a certificate for, you can't (as you can with some of the pricier paid certificates) get just one that works for every possible name in your domain. With Let's Encrypt you'd need to issue new certificates for any new names you needed.
That showed you can't set all the certificate of incorrect subdomains...
But if you just type "http ://incorrect.example.com", It can be success redirect without error page.
If error page continue occurring, please post your conf of nginx.
I see two separate questions -
security warning can be removed using a wildcard certificate from letsencrypt. Please see detailed instructions here
Redirect non-existent domains to www.domainname.com
You need multiple server sections in place -
Have server {} sections for each existent domain to port 443 (HTTPS port)
Have one server {} section for *.domainname.com to redirect to port 443 or www.domainname.com
If you are running an app that dynamically uses subdomains (for each customer) the app should also implement the redirection to www.domainname.com for non-existent subdomains.
I have a website working fine on IIS manager. I created a new site with it sharing the same IP and port. For the host header I put in the domain to the site. When i currently go to the domain i get a
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
I checked to make sure anonymous is enabled and setup but still no luck. it doesn't ask for credentials when accessing the site.
At this point i'm not sure what else to do. Does anyone have ideas that I could try?
After spending some time in my domain service site. I apparently put in the wrong IP address to the website server and instead was pointing towards my exchange server.