Solved

403 - Forbidden error even for HTTP after removing HTTPS binding

Posted on 2010-09-13
6
1,174 Views
Last Modified: 2012-08-14
I have an SBS2008 server that I installed a GoDaddy UCC SSL certificate on over the weekend. Today, users trying to get to a timesheet applicaiton that runs on the SBS Server are getting a 403 - Forbitten error when they try to access the site. They had not used HTTPS before, onmly HTTP.

The timesheet applicaiton was installed on the Default website. It is a virtual directory. I went the the bindings of the default website and removed the HTTPS protocol from the bindings in IIS7. I performed IISReset but I am still getting the 403 error.  

I stopped and started the entire IIS through the IIS7 manager interface and I still get the error.

Any ideas?

Thanks,

Dave
0
Comment
Question by:dcadler
  • 4
  • 2
6 Comments
 

Author Comment

by:dcadler
Comment Utility
Here is the message I am getting when I try to access the web page.

"HTTP Error 403.4 - Forbidden
The page you are trying to access is secured with Secure Sockets Layer (SSL)."

However, I only have HTTP as the bound protocol in the Website bindings. T
0
 
LVL 29

Expert Comment

by:Rich Weissler
Comment Utility
On the Default Web Site, under 'SSL Settings', confirm you don't have Require SSL selected.

Looking at odder instances...
Also on the Default Web site, under HTTP Redirect, confirm that under the Redirect requests to this destination, the next box is blank.   (http://www.dotnetnuke.com/Community/Forums/tabid/795/forumid/107/threadid/361291/scope/posts/threadpage/2/Default.aspx)
0
 

Author Comment

by:dcadler
Comment Utility
If I select the virtual directory, dovtimesheet, under default Website and then select SSL settings, it shows that the "Require SSL" check box is checked but it is grayed out and I can't uncheck it.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:dcadler
Comment Utility
the "redirect request to this destination" field is blank
0
 
LVL 29

Accepted Solution

by:
Rich Weissler earned 500 total points
Comment Utility
Ah... rebind port 443 to https with any certificate.  Then go back and uncheck 'require ssl'...
Then go back and remove the binding for https again.
0
 

Author Closing Comment

by:dcadler
Comment Utility
That did the trick - Thanks
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now