Legacy ASP site issue - iis

I'm dealing with an issue where there was a site setup, and the default.htm used an iframe which pointed to an ASP directory. It seems like the ASP directory isn't readable and not processed - is there anything special that needs to be done to the ASP directory like permissions-wise?
wwwroot/sitename
<iframe src="ASP/file.asp"></iframe>
wwwroot/sitename/ASP/file.asp exists, and several other asp files but they aren't getting referenced by the iframe.
Update: I'm getting a 404..
The page cannot be found
I think I have to create a virtual directory and name it ASP. I never use IIS though - does anyone know how this works? And would I need to restart IIS after creating the virtual directory?
Update #2: More info..
Execute permissions: Scripts Only
Application name: asp
For Authentication Methods, "Integrated Windows authentication" is checked
Local Path: Read
Update #3: I can access asp/file.htm file fine. Can anyone provide code for a simple test I could do to see if its working properly ( I have no ASP/VBScript experience )..
one of the top of the pages contains <%# LANGUAGE="VBSCRIPT"%>

Is this IIS6 by any chance? In IIS, under Web Sites there is a folder called Web Service Extensions. Make sure Active Server Pages are set to Allow and not Prohibited!

When you create a virtual directory for an ASP site in IIS, you have to make sure it is allowed to execute scripts. What version of IIS are you using? In 5.0 and 6.0, there should be a checkbox Run Scripts (such as ASP). Make sure that's checked.

Try putting a test.html file in the root directory of the site and then try to open it through wwwroot/sitename/asp/test.html - .html files won't be processed by asp.dll and so should display if the site is setup correctly even if there is some kind of asp.dll problem.
If you can't see a html file then I guess you will need to configure the website in IIS (not sure if a virtual directory is necessary from the information given) - check the 'home' tab to see if the path to the application is correct first.
If you can see the html file then I'd guess that asp is not properly installed (but that is a guess).

Related

IIS file download

I've created a new web site in IIS on my machine for testing purposes. Beneath the root I have a folder called documents where I have a bunch of pdf's that should be downloadable. However, when I hit the URL localhost:54510/documents/file.pdf I get a 404 error (Chrome, IE and Firefox).
I've added IIS_IUSRS permissions for the specified folders and the service is running since I can access my ASPNET WebApi - localhost:54510/api/whatever-service-function.
I can't grasp my head around what causes this.
PDF is specified in MIME-types as Application/pdf.
Another thing is, when I add the documents folder as a virtual directory in the Default web site then it works to download it from localhost:80/documents/file.pdf.
I have also tried to add the documents folder as a virtual directory in my web-site and set my local user as the authenticator to see if it had anything to do with permission.
I'm running on IIS 10.
Does anyone have any ideas?

Using IIs as it I would use Apache

I want to use IIS the way I use Apache. With that, I mean to, for example, create a simple html file, with only a "hello" message, put this file inside the IIS folder and then be able to access this html page thru eg.: localhost/mypage.html.
I can't figure it out how to make this. I've searched on Google, but nine has helped me.
My doubts are:
The IIS server is turned on, I saw this on the IIS Manager. So, what are the folder that I should place my html file and what are the default port that IIS uses so I can access my html file via localhost?
Create a new website and point to the folder where your html file resides
GO to IIS Manager->Right Click on Sites -> Add Website
Are you getting the localhost default screen
Restart Your server as whole,
See if the IIS Worker Process is running on the task manager,

Coldfusion security issue...how to hide directory of files?

So, I decided to try to break my website...I googled my site by typing in site:mysite.com/whatever and behold, all of the users uploaded files were available for view under a specific directory.
What kind of script/ counter measure should I use to block these files from being viewed? I already have a script that checks the path and the logged in status, however this doesn't seem to be working. I've looked all over for solutions...but I can't quite find one. I'm using ColdFusion 8.
This isn't a ColdFusion issue so much as a web server configuration issue.
You should either:
configure your web server not to show a directory of files when using a URL without a filename (e.g., http://www.example.com/files/)
drop a blank default web document (index.html, index.htm, default.htm, index.cfm, whatever) into that directory so that it displays that document rather than the list of files. If you use index.cfm, it'll fire your Application.cfm/cfc in your file path and use whatever other security you've built.
(or, better, do both)
The best way to secure your file listings and the files themselves is to store them in another folder outside of the Web site root folder. You can then serve them up using CFDIRECTORY and CFCONTENT. The pages that display the files can check your access controls and only serve the files to those allowed to see them.

How to setup IIS 7 using physical path directing to DropBox?

I'm using multiple computers for development and I want to be able to store my files in my dropbox folder. I went to change the physical path in IIS from c:\inetpup\wwwroot to the dropbox folder but I get this error:
The requested page cannot be accessed
because the related configuration data
for the page is invalid.
I couldn't find the config file so I was wondering if anyone had done this before or whether there a better way to sync everything nicely across several PCs?
I tried it (IIS 7.5, Win 7) and it should work just fine to let your physical path of your web look at your dropfox folder. I would guess your web.config file generally contains malformed XML (see KB942055).
I'd suggest, try to map it to an empty folder just with an index.html file and see if this error still occurs.
As a workaround, I guess you can put Dropbox in your wwwroot folder and set up a virtual directory that points to Dropbox. However, there are some security issues that may hinder you from doing so. I come across a nice tutorial on how to set up Dropbox to IIS as FTP Publishing. Hope it helps.
Hodgin's guide on using Dropbox as FTP publishing.

I cannot access files in IIS 6

I have a default IIS 6 install and I can access only .html files. If I create a html file I can see it on the browser. Any other files like ini for example are not visible (404). Any idea on what can be the issue?
Check the web service extensions are enabled (in IIS below the websites is a folder for them) for the content you are trying to share.
Check that the handler mappings is setup correctly (on the website properties)
This may help :
IIS & ASP.NET blocking file

Resources