Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts

Microsoft AD FS server installed and configured post installation this required to install the SSL certificate and complete the configuration , please help to understand if to change the certificate which is already configured for ADFS to new certificate where all the configuration changes to made, I mean how to re-configure adfs OR assign the new SSL certificate to the ADFS sever, can you please list the changes to be done and where all the changes and what all to be done please.
Cloud Class® Course: C++ 11 Fundamentals
LVL 12
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Dear Experts

while i am deploying the ad fs server installed and configured ssl certificate successfully but some how I misplaced the noted password for .pfx file  I have access to the server from where the CSR file is generated and later on the same server imported certificate through digicert utility but now I am in trouble lost the password for .pfx file and I require this so that same certificate to be installed on other ADFS server in the farm. please help me it is of wildcard certificate on how to recover the password I have access the orginal server from where the CSR is generated . please help
Dear Experts
We procured the wildcard certificate from Symantec and we received the certificate as *.mydomain_com_ee for this I had created CSR file from the microsoft AD FS server the server name was used digicert utility while creating CSR had to mention *  and did import the certificate and created the pfx file and while in this progress changed the prefix from *.mydomain_com to and installed the certificate and configured the adfs
Adfs configuration wizard showing up the following attached the same with more details snap image from the sever for your reference
1. The ssl certificate subject alternative names do not support host name
2. error occured during an attempt to set the SPN for the specified service account Set SPIN for the service account manually
3. Also followed
In this I am not able to understand subject alternative is it required to do this and if yes how and where to configure this subject alternative,  IS it to import one more certificate in additional to the above  and configure something like this OR  as per the SL1 like and add the records in active directory name server
Can you please help me on above 1 to 3
How to resolve 500 error on web page? I did deploy the web project properly but why did the following error comes out?
I have a windows 2016 server with IIS installed and i need to redirect any subfolders after root directory to the root directory. Scenario: to

Thanking you in advance for your answers.

A newbie to IIS rewrite
In the process of migrating a SBS 2011 domain to Servre 2016, Exchange and SharePoint were removed to clean up AD.  However, a short time later several SP users cried ouch that some of their data had not been moved.  By then, the backups for the server had been aged off.  SharePoint was re-installed, but it also crashed all of the web services on the server.  Certainly getting those going would be great, but after a whole lot of time and energy, we tried a different tack: created a new, fresh SBS and am attempting to attach the content database from the original server.

The obvious way to do this, I believe, would be to back up the database, create a new instance on the new SBS, and import the data.  Well, that didn't go so well.  The attempt to back up the database on the old server keeps failing.  So plan B -> copy the data base to the new SBS, attach it as content database, but of course it has no usable credentials on the new server.

Here are my questions:

1. How do I take ownership of the database with credentials from the new server?
    I looked at some of the PowerShell commands but they require -identity and I can't come up with that from IE where I am supposed to see it I think.

2. How can I get it to backup on the old server, and would import then solve the problem?
    I have no idea why I am getting an error on backing this up; the newer content database backs up just fine.

3. How can I fix the web services on the old computer?
    Well this …
Error when accessing SharePoint externally via Internet Explorer with URL in Local Intranet Zone Internet Explorer

After a migration from SharePoint 2013 to SharePoint 2016, users accessing SharePoint externally using Internet Explorer receive the error;

The connection to the website was reset.

I have isolated it to having the URL “” added to the “Local Intranet” Zone in Internet Explorer.

Users that are internal/VPN or that are using Chrome, are not impacted.

If I remove our SharePoint from the Local Intranet zone, we lose our Single Sign on and everybody in the agency has the enter their credentials every time to access SharePoint.

I confirmed that we are not having this issue in our 2013 environment.
How to turn off the Citrix Receiver detection and will it kick off users or cause any downtime?

Our users are constantly getting prompted to download Citrix Receiver, when they are prompted to their username/password from our Citrix StorFront Portal.  Even if they already have Citrix Receiver installed.  The web browsers that always prompt them include:
- Chrome
- FireFox
- Safari

It appears since Google Chrome has disabled NPAPI and that affects the users who access Citrix Receiver from the web and who use Chrome on Windows and Mac.   The following web site explains why that is:

In the past I remember working with a Citrix Consultant that disabled the Citrix Detection feature and that allowed everyone to no longer get prompted, no matter which browser they chose to use.  I am not sure what the consultant did exactly; but, I found on the web:
.  In StoreFront console > right-click the Store > Manage Receiver for Web > Configure > Deploy Receiver, you can turn off Receiver detection.

I have 2 questions:

Question1:  Can I disable the Citrix Receiver detection with the above instructions, in StoreFront?

Quesiton2:  Will the above mentioned changes cause any already connected user to disconnect?  

Quesiton3:  Will the StoreFront server require  some serives to be restarted before the …
I have installed IIS 10 on Win 2016 and have done nothing except tried to access the 'Default Web Site'. So if the server is called '' in any browser I goto '' and I would expect to see the IIS standard page. This does not happen.

What does happen is that the page comes up with:
HTTP Error 503. The service is unavailable.

When I look back at the IIS Manager in the 'Application Pools' section I can see that 'DefaultAppPool' has stopped. It seems as soon as I try to access the site the app pool crashes.

Additionally there are no logs produced and errors in the machine's event log. The errors are multiple copies of:
The worker process failed to initialize correctly and therefore could not be started.  The data is the error.
(Soruce: IIS-W3SVC-WP, EventID: 2276)

After some head-scratching and testing I found the problem but I am still unclear as to the cause.

The problem was that in the 'Advanced settings' of the 'DefaultAppPool' the identity is set to 'ApplicationPoolIdentity' but when I change it to 'LocalSystem' and restart the 'DefaultAppPool' pool everything works as expected:
  • In the browser the IIS page show as expected
  • There are no errors in the machine's event log
  • The pool does not crash
  • The logs are being produced in [C:\inetpub\logs\LogFiles\W3SVC1] (and the 'LogFiles' folder was automatically created - which it wasn't before).

Cloud Class® Course: Amazon Web Services - Basic
LVL 12
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Having a problem with IIS to redirect URL to specific site.

Setup in IIS 8 :
servername:  webserver1
Sites in webserver1:  
* Default Site   :https port 443
* site2  :https port 2222
* site3  :https port 3333

I created A host DNS record named:  site2  that poiting to  webserver1

Problem+want to achieve:

when I type in URL:  https://site2  I want to reach the site2 that on port 2222
The problem is when I type now site2  I reach to the default web site on port 443 ranther than site2.   Of course If I type:  https://site2:2222 everything works fine.

How can I redirect so I'll only have to type  site2  and it will start the site2 over port 2222 ?
Installed URL rewrite and tried multiple pattern but nothing works as it always looks after the '/' not the hostname. should be simple talks

Thanks in Advance.
I have a requirement to change the actual URLs used for better SEO.  For example, here is a current URL:

I would like to transform it using inbound/outbound edits in the web.config to:

All of the URLs are created dynamically so I need to use URL matching to achieve this.
Using IIS 7 I've created a self signed certificate. I followed the article here:

I'm trying to suppress the browser certificate mismatch warning that is displayed on the https://myDevSrv site.  The warning doesn't appear if I use the "real name" of the site  If I use the host header name myDevSrv it doesn't suppress the warning.  

When I generate the self signed certificate I don't seem to have control of who the certificate is issued to.  Just a friendly name.

Is there a way I can fix the self signed certificate to be issued to the host header name of myDevSrv?

.Net web application developed in MVC and angularJs 1.4
When hosted in production server, images are not loading. Getting error as in below screenshot. You can see no images in this site is loaded.

Below is the screenshot of request (from Chrome Developer Mode)

Response - Please note the response type is wrong as 'text/html' which might be reason. Since image is received is different format 500 error occurs

The following are verified
1. In IIS, MIME types is having png

2. Handler Mapping is having StaticFile

Here the is IIS serves back image in html format . So in IIS what is missing ?

I am on a project which requires me to make modes to apps
which have asp directive:

 <!--#include virtual="/global/inc/footer.aspx"-->

on multiple pages.

We can only use IIS express in development therefore I get error:

Parser Error
  Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error details and modify your source file appropriately.

 Parser Error Message: Could not find a part of the path 'C:\Fraud-Tip-Form\Fraud-Tip-Form\global\inc\footer.aspx'.

Source Error:

Line 332:                    <tr>
Line 333:                        <td>
Line 334:                            <!--#include virtual="/global/inc/footer.aspx"-->
Line 335:                        </td>
Line 336:                    </tr>

 Source File:  /index.aspx    Line:  334
Is there a way around using IIS Express.  We are prohibited from using IIS for testing.
Currently, I am just deleting the include directive for testing.
When I upload an image to the Wordpress media section the permissions for the file uploaded are not propagating correctly.
I am using a temp folder in the website for the upload process and the IIS_Iusrs group is not getting read permission on the image.

the temp folder and the upload folder has the IIS_Iusrs group set to full control but the image uploaded they end with special permissions which indicate that the group can see the file but not read it.

any resized images of the original do get the correct permissions for all groups and users (full control).

I have replaced the permission (resetting inheritance several times) and created a new folder for the image to upload into.
Resetting the permission manually does hold and you can view the image via browser.

I am working on a Wordpress website running under IIS on a windows 2016 server.
Since installing multiple windows updates on an SBS 20008 server  the default company web is unavailable as users are presented with the page HTTP 404 page not found, i have gone through various troubleshooting steps including IIS reset but still unable to resolve.

Any ideas?
Hi!  I inherited a classic ASP site in 2012r2 running IIS 6.2.  I turned on "Detailed Errors" but all i get is:

An error occurred on the server when processing the URL. Please contact the system administrator.
If you are the system administrator please click here to find out more about this error.

The "here" is just a link to MS KB Page "Classic ASP Not Installed by Default on IIS 7.0 and above" which seems inapplicable to IIS 6.2 and most of the ASP runs fine so all the correct features are installed.  The last time I worked with classic ASP (LOOOooong ago) I configured IIS to serve detailed errors and I got a stack dump and what line of what ASP page the error was on.  I think this page error page was created by my predecessor, but I don't know how to get rid of it and get the detailed errors back.

I need the detailed errors to debug some issues on this unfamiliar site.

Is someone expert enough at old stuff to have a clue how I might turn the full error detail display back on?
I have an intranet site that uses windows authentication. The site is hosted on an IIS server running windows server 2008 t2

I want users from one of my trusted windows domains to be able to login but it will only allow users from the domain the IIS server is on  to authenticate.

Is there a setting in IIS or webconfig I need to adjust?

Introducing Cloud Class® training courses
LVL 12
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

Is it possible to apply a setting within the web.config which target only a single application with an IIS application? We have an IIS application with 3 websites. Only one website is willing to change their security to HTTPS. Now for adding some more security we want to add some sections to the web.config like:

"<httpCookies httpOnlyCookies="true" requireSSL="true"/>" 

Open in new window

This setting will break the application which do not use a SSL certificate. How can I accomplish that this setting only target a specific site (domain)?
Regarding Exchange 2013...

I understand that we should be able to set the Timeouts for our OWA users. All our CAS servers have the PublicTimeout -value 7 in the 'HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA’ registry.

I want to control the timeouts and want to add the PrivateTimeout -value 480 and then change the PublicTimeout -value to 15.

My question, although this is set to 7 mins today, why when users log into OWA and do NOT check the Private Computer box, are they never timed out and prompted to log in again?

I have tested this in IE, Edge and Chrome, none of which forces me to log in again after 7 mins, nor 10, 15, 20, 30.

What else could be controlling this timeout?

Our Load Balancer VIPs have a timeout set to 30 mins for these CAS servers.

Any ideas? Thanks.

I have a website in IIS 8.5 and I have 2 domains pointed to the site and using the site bindings. Everything was working fine until 2 days ago when the started to give me Error:

404 - File or directory not found.

The works perfectly and it is weird because the error just happens on Chrome or Firefox on multiple machines. Edge works fine and also Android devices show the correct page.

I cleaned cookies and cache on both browsers, confirm that IIS has the correct Application pool for .net 2.0 classic mode, that the default document is listed in IIS and nothing works. If I add the default website to web.config the website doesn't load because it is inheriting the default website from parent. What could be the problem? Any help will be appreciate it.

Dear EE,

I have Windows Server 2012 Standard Edition with

Memory = 4 GB
Application = Web Server --> IIS 8.0
Framework = Dotnet Framework 4.0

if yes then HOW ?

IUSR_COMPUTER NAME anonymous password

I would like to know how i can get the anonymous password for the IUSR account. I am using domain network, i have configured a FTP site on this computer with anonymous login enabled. Currently I am getting a credential prompt to open the FTP site, which is causing my application to have access issue.

I cannot reset IUSR password, which may cause extra issues.

How i can get the password for IUSR anonymous user ?
Hi Experts,

I uploaded my application on my live server, whcih uses TCPDF, but I am getting the following error.

Warning: fopen(file://C:\inetpub\wwwroot\DICE-questions\reports\5\Poposki_Aleks-Raw.pdf): failed to open stream: No such file or directory in C:\Inetpub\vhosts\\\utilities\tcpdf\include\tcpdf_static.php on line 1854
TCPDF ERROR: Unable to create output file: C:\inetpub\wwwroot\DICE-questions\reports\5\Poposki_Aleks-Raw.pdf

Open in new window

Both my development and live servers are IIS, and I think I have setup appropriate privileges to the directory, but I am still getting the error.

Obviously the error is pointing to the TCPDF Library, but how can I find out what line of my code triggered this. I remember in the earlier versions you can see a orange table with the error stack.

Thank you,

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.