[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post


I am running IIS 10 on Windows Server 2016.  I created a custom 404 error page called 404.asp and placed it in the root folder of the website.  This is my web.config file:

<?xml version="1.0" encoding="UTF-8"?>
            <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="14.00:00:00" />
            <remove statusCode="404" subStatusCode="-1" />
            <error statusCode="404" prefixLanguageFilePath="" path="/404.asp" responseMode="ExecuteURL" />
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />

I thought that this was the correct way to implement the custom error page but the website just goes to the standard 404 error for IIS.  Any help diagnosing this would be greatly appreciated.  Thank you.
The Five Tenets of the Most Secure Backup
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

Hi Experts,

I'm trying to connect to a Access DB in order to sanitize some data using PHP. I Have already enabled by PHP PDO ODBC driver  (uncomment the extension=php_pdo_odbc.dll line in php.ini) and restarted my IIS.

I get the following code...
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] SQLDriverConnect: 63 [Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key Temporary (volatile) Ace DSN for process 0x14b8 Thread 0x11e4 DBC 0x22f8444 Jet'.' in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php:18 Stack trace: #0 C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php(18): PDO->__construct('odbc:Driver={Mi...') #1 C:\inetpub\wwwroot\DICE-AccessNOC\find-distinct.php(6): Access_DB::getDB() #2 {main} thrown in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php on line 18

Open in new window

My includes/access_db.php is

$TBL = "TBL_DICE_Factorial_Analysis";

class Access_DB{
    private static $db;
    private function __construct() { } //no new objects can be created
    public static function getDB() {    
        $access_path = "Z:\\Business\\CLIENTS\\DICE Assessment\\Received Files\\NOC_Database_Backup_2_PHPCopy.accdb";
        //One connection per browser session
        if (!isset($db)) {
            $dsn = "odbc:Driver={Microsoft Access Driver (*.mdb, *.accdb)}; Dbq=$access_path;";
            self::$db = new PDO($dsn);
        return self::$db;
    public function __destruct() {


function print_variable($var, $label = '', $raw = true){

    echo '<br>=========START=========<br>';
    echo '<b>' . $label . '</b>';

    if ($raw == true) echo '<pre>';


    if ($raw == true) echo '</pre>';
    echo '<br>=========END=========<br>';

Open in new window

The caller is
    require_once 'includes/access_db.php';
    $query = "SELECT * FROM $TBL ORDER  BY NOC_Code, NOC_Occupation; ";

    $db = Access_DB::getDB();

    $statement = $db->prepare($query);
    $rows = $statement->fetchAll(PDO::FETCH_ASSOC);

    print_variable($rows, 'Fact Analysis');

Open in new window

I have also given full permissions to HKEY_LOCAL_MACHINE\SOFTWARE\ODBC and its children to IIS_IUSRS, but the issue persists.

I'm also posting this under ASP, as I see on Google, this also occurs under ASP.

Any help will be greatly appreciated.

What is the best practice to allow a User to  log into Sharepoint Sites only through a specific IP Address? For example, the office IP address is 999.999.1.0 . I want to allow users to only  be able to log into SharePoint sites  then there IP address is 999.999.1.0 and not from home.

Thank you.
Hi folks, how do I get IIS web server up & serving a page quickly. I just need it to serve up a 'restricted content' warning page for my domain users when they try to access YouTube which I have redirected to my internal IIS server using DNS. Unfortunately to do so seems to require a PhD in SSL certificates. Seems way too complicated for the benefits. Can I just disable HTTPS functionality on the IIS server or should I persevere to enable it - I'm guessing this requires the certificate from the IIS server to be installed on all domain machines via group policy?
Currently all machines are able to get through to the IIS server, but not without a 'your connection is not private' warning like the one here - https://goo.gl/images/7y8vB6
Thanks in advance.
I have managed to block YouTube.com using DNS entries for the relevant domains. This is because it uses too much bandwidth that we don't have.
Anyway it's just a temporary measure, but I'd like to display a webpage that explains the blockage to users. I've been looking up dns redirects to an internal IIS server that has the page on it, but I though there might be an easier way that one of youay have heard of .... ?

This is how I blocked YouTube if anyone's curious, I followed the method here, except I haven't put in a CNAME alias yet.
I have a few websites running on IIS on a windows server and I want to monitor which websites are using the most RAM, processor and most importantly rendering the largest page sizes.

Does anyone use any good software they install on windows that will monitor IIS and give good figures on app performance and load

I noticed in the event logs on one of our Exchange 2010 servers that that we were getting an error for Event ID: 17. I checked on google but I haven't really found a solution to the problem not sure if anybody has any ideas. This is a new Exchange 2010 server it's been running for about 2 weeks now. I've included a screenshot

Solution 1

Solution 2
Problem with FTP user isolation in IIS 8.  Users logging into server are going into the localuser folder instead of their own folder.
We are only using this IIS server for FTP. I have created local user accounts with passwords on the server and created folders under the Localuser directory with the same name as the local user account. I gave full control permissions to the user account on that folder.
However, when a user logged in, he went in at the localuser level and did not see any of the other directories, including the folder on his own name.  Any help is greatly appreciated.
Windows Server 2012 R2 Standard with IIS8.
Windows Authentication in Chrome does not works as expected from AD/Domain environment.

It works perfect in Firefox after adding the http://app.domain.local to network.automatic-ntlm-auth.trusted-uris

It works also good in Edge and Internet Explorer after adding the URL in Local Intranet - Sites.

I expect it to work in Chrome too. But I am always being promted. Any ideas?

I have tried with or without Negotiate security method for Windows Authentification. I am currently using only NTLM.

Chrome version 69.0.3497.100 64 bit.
IIS 8 and MVC (Webform) (newer version) ASP.Net app
First i'm sorry for my english.
My problem is with my SharePoint Website running on MOSS 2007 on a Windows Server 2003 with IIS 6.0 ans ASP Net 2.0.
My website was working very well but after some configuration on ISS console i got this issue.
When i try to access to my website with this URL: http://myserver i got an error Message : Content view is not allowed for this virtual directory.
But when i try with this URL http://mywebsite/default.aspx it's working but my CSS and JS file are not loaded. So i get an aspx page without my customisation.
I tried to give all right to my directory wwwroot to different user like thé ASP user, to ISS user ... Without any result.
The strange thing it's :
- when i try to go to my default site which use ASP Net 1.0 it's working well...
- When i try to read my SharePoint list from ACCESS 2007 or directly from the web by the direct URL it's Works
- but when i try to open my website from SharePoint designer it's impossible.

Thanks on avance for any help.
Amazon Web Services
LVL 12
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

HTTP Error 401.2 - Unauthorized
 You are not authorized to view this page due to invalid authentication headers.

Some new users to my web site cannot log on due to 401.2 and 401.1 errors. Other new users connect without any issue. Users have the DoD CAC smartcard and they are valid for logging into their workstations. All the certificates point to the same root authority, DOD Root 3, but have different intermediate certificates which are DOD CA 38 to DOD CA 51. Users with intermediate certificates numbered 48 or higher get the 401.2 error and cannot log in.

I assume the problem is the more recent intermediate certificates are not installed or configured correctly. I installed the most recent certs from the cert authority using their tool, InstallRoot.exe. MMC confirmed the intermediate certs are in the Certificates (Local Computer) -> Intermediate Certification Authorities -> Certificates.

The server uses the Axway tool to validate certificates. In the Application Event Log for the attempt, it said "Revocation Status: Good" so I assume my OCSP and its cache are set up correctly.

After every 401.2 error is a 401.1 error. The sc-win32-status for the 401.1 error is -1073741715. Is that number significant?  

The detailed configuration description:

I am using IIS 7.5 on Windows Server 2008 R2. I set up the web server and the web site to require a smartcard to open the web site. To that end I set up iisClientCertificateMappingAuthentication …
I'm migrating 3 sites from Server 2003 iis6 to 2008 r2 iis7.5 using MS deploy 3.5 via the packaging method.

The sites on the source server are located on the E;: yet the destination server only has a C:

Will using the below command work? I have done a whatif and can see the following lines which to me indicates there maybe issues as E: is referenced or is that reference purely to the location of the site on the source?:

If my commands won't work, what do I need to do to make the sites go to C:\inetpub\wwwroot on the destination server?

Package creation: C:\Program Files\IIS\Microsoft Web Deploy V3>msdeploy -verb:sync -source:metakey
=lm/w3svc/[SITEID] -dest:package=e:\temp\[SITEID].zip > e:\temp\WebDeplo

Package Import: C:\Program Files\IIS\Microsoft Web Deploy V3>msdeploy -verb:sync -source:package=c:\temp\[SITEID].zip -dest:metakey=lm/w3svc/[SITEID]  > c:\temp\WebDeploySync.log

Sample entries from log file:
Info: Adding MSDeploy.metaKey (MSDeploy.metaKey).
Info: Adding metaKey (/lm/w3svc/[SITEID]).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerComment).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerAutoStart).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/LogPluginClsid).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerBindings).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/filters).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/root).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/root/Path).
Info: Adding …
Our third-party web developer just changed the website so it now redirects from www.domain.com to  https:\\domain.com without the www. After this change, no one on the LAN can access our website anymore, because “domain.com” points to an internal IP address. Previously everyone could get to the website because www points to the outside public IP address of our website. Now that the www is dropped that no longer works. We can change DNS to a public site ( and can of course then get website access, but then Outlook disconnects from our on premise Exchange server. Please help. We have numerous portable laptops, so the solution needs to work both inside and outside LAN.
What are the steps necessary to determine if a certificate is 128 bit or 256 bit?
What are the steps required to change an IIS hosted website from HTTP to HTTPS?

I'm having an issue with setting up an IIS FTP server (on a 2008R2 box). I have succeeded in setting up the server, users, publish the directory, setup NAT on the firewall. Things are looking pretty much ok but I am struggling at this point:

 220 Microsoft FTP Service
234 AUTH command ok. Expecting TLS Negotiation.
USER username
331 Password required for username.
PASS *****************
230 User logged in.
200 PBSZ command successful.
200 PROT command successful.
211-Extended features supported:
211 END
200 OPTS UTF8 command successful - UTF8 encoding now ON.
215 Windows_NT
257 "/" is current directory.
250 CWD command successful.
200 Type set to A.
PORT 172,16,101,102,208,219
501 Server cannot accept argument.
250 CWD command successful.
200 Type set to A.
PORT 172,16,101,102,208,222
501 Server cannot accept argument.

Open in new window

I guess this is somehow linked to passive FTP mode but
  • it happens even if I explicitly request active mode only
  • I have defined the passive ports in the "FTP firewall support" tab and NAT-ed them to the correct internal IP
  • this works fine if connecting locally (localhost) but not from LAN no WAN

I'm sure it is a "classic" one (seeing lots of post googling this) but can't really figure it out.

Any advice most appreciated
Need help with IIS coding.

Trying to use Mix of Forms Authentication & Windows Authentication  (Long Story Short... No Previous IIS experience since Dev Gone...)

<?xml version="1.0" encoding="UTF-8"?>
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
  <!-- Admin Defined settings -->
    <!-- PasswordChangeEnabled: Provides password change page for users. Value must be "true" or "false" -->
    <add key="PasswordChangeEnabled" value="true" />
    <!-- LocalHelp: Displays local help for users, instead of the web-based help. Value must be "true" or "false" -->
    <add key="LocalHelp" value="false" />

    <!-- ShowDesktops: Displays or hides the Remote Desktops tab. Value must be "true" or "false" -->
    <add key="ShowDesktops" value="true" />

    <!-- DefaultTSGateway: Admin can preset this to a given Gateway name, or set to "" for no gateway. -->
    <add key="DefaultTSGateway" value="mycloud.bethanna.org" />

    <!-- GatewayCredentialsSource: TS Gateway Authentication Type.
         Admins can preset this.
         0 = User Password
         1 = Smartcard
         4 = "Ask me later"

Open in new window

Hi guys

How do you give someone the private key for the SSL certificate but un-encrypted? I don't get what they are saying.

I've got a Windows 2008 R2 web server that I created the CSR onto. Then I got the certificate from the provider and have applied the certificate to this to complete the request.

My colleague needs the private key. I exported it as a .PFX file, but when you do that, it is password protected. He needs it un-encrypted.

Do you use the MMC console to do this and then export it as a .CER file? Will that be correct?

Exchange 2003 Activesync and OWA stop working after 1-2 days and server needs to be rebooted.  Email is working fine other than ActiveSync and OWA.  Browsing to OWA shows RESET error on the browser or site not available.

IISRESET does not solve the issue nor does starting/stopping all Exchange services.  Only a full reboot solves the issue. Thoughts ?
Learn Ruby Fundamentals
LVL 12
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

when you use a 3rd party to host your website, where does the responsibility typically split in terms of the technology stack on who has to apply patches to all the relevant components of the web stack? e.g. do they typically patch your CMS and any underlying databases, or only lower levels of the stack?
Hi guys

I am going to be buying a multi-EV domain SSL certificate. This domain will have quite a few sub-domains. When i want to create the certificate request on the server, in the common name section, do I just put in the domain name only? So would I put 'contoso.com'? And not '*.contoso.com'. I assume i would only put an asterisk if it was going to be a wildcard ssl right?

Thanks for helping
We are planning on adding a new primary authoritative domain in Exchange 2010.  Most of the mail clients are using Outlook 2016(connected both internal and external)(we also have Active sync devices, Apple, androids etc.. and a few OWA users).  We would like to make the existing Primary SMTP address an alias address.  First steps would be to add the new UC certificate with the names(for autodiscover.domain as well), add the accepted domain and modify the default email policy(Virtual Directories can stay the same since we are not changing the OWA URL).  

The concern is for Outlook users, will internal users existing mail profile update on its own?  And for Outlook Anywhere and activesync users, do the profiles all have to be manually recreated?  If so, we would need to plan for extra staff accordingly when we go live, so I am trying to roughly determine how many users are configured to use Outlook Anywhere, nothing exact, just a rough estimate.  I checked in the IIS logs but cant really confirm which log entries are Outlook Anywhere. Is there a specific string to search for in the IIS logs?

System Center 2016 giving error SyncInvoke--------- Failed with system.invalidoperationexception: TImeout expired. The timeout period elapsed prior to obtaining a connection from the pool. this may have occurred because all pooled connection were in use and max pool size was reached.

This error is happening in many of the method which we didnt make any changes. approx 20-25 of the, may be more.

Normally we can login without issue after app pool reset, however once it gives the above error in the system center even the default page of the webserver shows blank page, then after sometime when we just refresh the default page would be displayed.

This code has been running for more than 2 years and we didnt have any problem , recently we did the deployment and the problem started. The website works for sometime but after say 20 minutes, it starts giving the above timeout issue and sometime even the default page does not show up and then later when we just refresh the default page will display.

Number of users that can cause this is even 15 users , earliernormal traffic is about 300 users at a time, the issue can happen even when 5 users are present.

DB SQL Server : There are around 150-250 sleeping connection most  of the time with the text "Text" only,  it reduces automatically.

The layout is as follows:

Client are redirected through load balancer on any of the following, web server are connected to app directly and APP is connected to SQLDB

External …
I have a silverlight app hosted on windows 7 and IIS, it works fine

I'm trying to move to a different box (windows 10) and its not working
I've run fiddler tool and can see the SVC binary requests are not found (404)
As this is a direct copy of the published code, I assume its setup related
If i run the project through visual studio it works fine, but in IIS does not

Here is an example of the url that isn't found on the new box:
The above gives a 404 in fiddler

The previous request to the XAP file works and does NOT 404

I've tried to duplicate the IIS setup as much as possible, but for some reason it isn't working

My solution consists of 2 projects
MasterUI (silverlight stuff here)
MasterUI.Web (this is the non silverlight app - .aspx files)

The windows 10 box is a fresh install, so perhaps i'm missing some components, but as its working in visual studio on this windows 10 box, I assume it's IIS setup related?
Need to Migrate IIS7 (2008 R2) websites to IIS 10 (2016). Is there a free tool to do this?

Anyone tried this - https://www.assistanz.com/steps-to-migrate-the-websites-from-iis-7-5-to-iis-10/ 


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.