I have just installed the IIS so I can view asp files in a browser but when I put the address in a browser as : http://localhost/index.asp I get an error.
The error shows this:
HTTP Error 401.3 - Unauthorized
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
I really need to get this sorted out, I would highly appreciate any advice on this.
My issue was around the identity used in the app pool. I changed the site's Authentication to "Application pool identity" as well as giving the directory the appropriate permissions.
OK, working from memory here as I am not in front of a Windows machine.
If you right click on your webroot folder /inetpub/wwwroot/ or the website directory you are working on open properties and select security, I think it is, you will see the list of users with their permissions for that folder. There is a section to add new users where you can add the IIS_IUSRS account (search from the list of users if you need to) which will be the default user used when anonymous authentication is enabled. Give this account the relevant permissions (read, write, execute) ensuring you apply to file and subfolders. Refresh the website in IIS and you should hopefully be good to go.
I had one folder not working (extracted from a zip file which came from an email from some kind of MS Sharepointy thing. Or something). The files were all marked with Windows Explorer -> Right Click -> Properties -> Advanced -> Encrypt contents to secure data. Unticking cured it.
In my case I had created an application in IIS 7 on Windows 7 using "Add Application" on the Default Web Site. I had to add the "users" account from the local machine and that got rid of the permissions error.
I had this happen to me and what I needed to do was apparently add a web.config file. Doesn't matter that it was just a PHP site, and that "Everyone" had full control. Until there was a basic Web.config - NO DICE!
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers accessPolicy="Read, Execute, Script" />
<defaultDocument>
<files>
<clear />
<add value="index.php" />
<add value="Default.htm" />
<add value="Default.asp" />
<add value="index.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
<directoryBrowse enabled="false" />
</system.webServer>
</configuration>
Here, the set up process is explained in detail. You can follow the steps.
http://coldfusion-tip.blogspot.com/2013/10/you-do-not-have-permission-to-view-this.html
Related
Ok, so on my new site bob.testing.com, I set it up as anonymous authentication. Under it, i have a folder called apps. That's not an app, and there's no configuration on it. Under apps, I have a folder called MyApp. Originally, I set this up as Windows Authentication, but later I needed to update it to Anonymous. If I rename this folder to MyApp2 and create the application it works with Anonymous Authentication. When I rename it back... it sends back 401. I've tested with Fiddler, tried changing browsers, had someone else at work try it. Same results. I've tried recycling app pool, changing app pool, restarting IIS...
Anyone know how to delete whatever information IIS has cached about this application? I'd prefer not to have to rename and refactor my other apps for this item.
So, after posting; I actually looked here:
C:\Windows\System32\inetsrv\config\applicationHost.config
It was listed with two location path's. I ended up just deleting both and then setting it up again as an application. It appears to be working for now...
Looked something like this:
<location path="bob.testing.com/apps/MyApp">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
I have successfully deployed a Lightswitch HTML application to Azure Websites. I have also forwarded my personal domain to mask the azurewebsite.net address. I am now able to access the site by typing mydomain.com/htmlclient and everything works fine. If I type in just the my domain.com, however, I get the you do not have permission error.
This is close but ultimately I would like to be able to enter just the domain and have it automatically forward to the htmlclient folder. I know it is possible but I'm not sure if I can get there with settings in azure or my domain host or if I have to drop a page in the root (it appears that the default and login.aspx pages for forms authentication are already in the root).
Any help would be appreciated.
In the Visual Studio 2013 version we've found this is simply a case of adding an additional entry to the LightSwitch server project's web.config file.
This additional entry needs to reference the default.aspx file (which should already be part of the server project) and should be introduced into the defaultDocument section of the web.config. In the following example, this new line appears immediately after the standard default.htm line: -
<defaultDocument>
<files>
<clear />
<add value="default.htm" />
<add value="default.aspx" />
</files>
</defaultDocument>
I just added a CFwheels site to my IIS 8 and instead of going to the actual page is showing the directory structure on the browser. Any hints on what I should check?
Geo,
Your problem is the default document settings as Anit has suggested. In the IIS8 control pannel look for a cpl called "default document". It will show a list of documents that are served by "Default" so that when you navigate to something.com/home it actually serves up something.com/home/index.cfm (as an example).
Make sure you add your desired default document to the list. You can aslo do this in the web.config file:
<configuration>
<system.webServer>
<defaultDocument enabled="true">
<files>
<add value="index.cfm" />
</files>
</defaultDocument>
</system.webServer>
</configuration>
You are correct I think that if it is an Adobe AMI it should have such a setting by default - but perhaps you are not using a standard default doc.
You probably want to disable directory browsing as well - that's also a cpl I think.
I want to import virtual directory setting via file in IIS 8.5, but cannot find an option to do so. In IIS 6 you can:
Right click on the site -> New -> Virtual Directory (From File)
I do not see this option in IIS 8.5, only an option to 'Add Virtual Directory...'
Google is not helping today. Does anyone know how this can be accomplished?
I was not able to find a way to do this similar to how you can in IIS 6, maybe there is a powershell command...
However, I did find a way to add sites via the applicationHost.config file, which is usually located at: C:\Windows\System32\inetsrv\config. (be sure to make a back up of the file in case you make a booboo).
Since I have similar sites and apps, it is was easy to copy and paste, and modify the necessary fields.
You can add sites and app pools in the section:
<system.applicationHost>
App Pools:
<applicationPools>
...
Sites:
<sites>
If you have applications under a site then there has to be a corresponding location node:
<location path="Default Web Site/yoursiteapp">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
<access sslFlags="None" />
</security>
</system.webServer>
</location>
I have a web service that contains 2 asmx files (public.asmx and private.asmx). On IIS6 I could go to the properties of private.asmx then, from the 'File Security' tab, deny all computers access except the IP address for localhost.
In IIS7 I only seem to be able to do this for an entire folder. What am I missing?
Funny - I found this question because I have the same problem, but I think the solution is as follows:
In IIS7, browse to the directory containing your public.asmx and private.asmx files.
The title at the top will reflect the current directory, like "WebService Home". Click the "Content View" button at the bottom.
Right-click on your public.asmx file and choose "Switch to Features View".
The title should be "public.asmx Home" to confirm that you're managing the one file.
Add your IP restrictions. In this case, I think you want an Allow entry for 127.0.0.1 and choose "Edit Feature Settings" from the Action menu to Deny access to unspecified clients.
Click your containing folder again (e.g. WebService) and switch to Content View again to repeat these steps on private.asmx.
I am learning the ropes of IIS7 myself, but I hope this answers your question.
Found this question via Google and was looking for how to do it via the .config file but could not find that answer here. I've since tracked down the info:
The ipSecurity element is used by the web.config in IIS7 to restrict access by IP Address. You can use it like this:
<configuration>
<location path="private.asmx">
<system.webServer>
<security>
<ipSecurity>
<add ipAddress="192.168.100.1" />
<add ipAddress="169.254.0.0" subnetMask="255.255.0.0" />
</ipSecurity>
</security>
</system.webServer>
</location>
</configuration>
Update: Note that the role has to be added for this security to be enabled. See the ipSecurity article linked above.