Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi All,

Can anyone here please assist me in troubleshooting as to why my Outlook Web Access is randomly signing me off while reading or typing email ?

I also cannot access the below OWA option with HTTP ERROR 500:
Change OWA Account settings:
Change AD Password:
Enable OWA Add On:

However, when I manually type in the Public IP address or the server name instead of, I can access the server with no problem.

This is my current deployment of the Exchange Server 2013 Standard Edition in my domain:

AD Site: Default-First-Site-Name [old CAS & MBX server] [new CAS & MBX server]

AD Site: Head_Office [CAS & MBX server] [MBX server]

I have just created multiple A Record for and pointing to my existing 3x CAS-MBX Exchange 2013 server roles.

Public DNS (A) records Round Robin: – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM

Internal DNS (A) records Round Robin: – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Get 15 Days FREE Full-Featured Trial
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Hi All,

I noticed that from my Outlook 2016 connection status, I am using RPC, is this the old slow and insecure protocols ?
Connection Status
I've found the steps below:
Set-MapiVirtualDirectory -Identity "PRODMAIL20-VM\mapi (Default Web Site)" –InternalURL -ExternalUrl -IISAuthenticationMethods Negotiate
Set-MapiVirtualDirectory -Identity "PRODMAIL30-VM\mapi (Default Web Site)" -InternalURL -ExternalUrl -IISAuthenticationMethods Negotiate
Set-OrganizationConfig -MapiHttpEnabled $true
Get-OrganizationConfig | fl *mapi*

Open in new window

Note: I have wildcard * SSL certificate installed on the both CAS servers above.

So I wonder if anyone here knows what's the impact in executing the steps above during the business hours ?

Any help would be greatly appreciated.

Dear community,
We have Problems with active sync in Exchange 2016 CU5.
After a Migration from Exchange 2010 to Exchange 2016 CU5 the following error occours when we connect with active sync:

OWA is working!

exchange analyzer
Event code: 3008
Event message: A configuration error has occurred.
Event time: 07.07.2017 08:10:45
Event time (UTC): 07.07.2017 06:10:45
Event ID: d049c0dd0f3b4cc4986b58ec61b74869
Event sequence: 1
Event occurrence: 1
Event detail code: 0
Application information:
    Application domain: /LM/W3SVC/2/ROOT/Microsoft-Server-ActiveSync-4285-131438814449264551
    Trust level: Full
    Application Virtual Path: /Microsoft-Server-ActiveSync
    Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\sync\
    Machine name: XXX
Process information:
    Process ID: 18536
    Process name: w3wp.exe
    Account name: IIS APPPOOL\DefaultAppPool
Exception information:
    Exception type: ConfigurationErrorsException
    Exception message: Could not load file or assembly 'Microsoft.Exchange.Security, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. (C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\sync\web.config line 251)
   at System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective)
   at …
I have one domain e.g. and I want to host 4 different locations in order to gain faster bandwidth for the end users. How can I do that? Or let me know if azure has something I can use.

im using windows server 2012 and iis 6.2
i have it configured to point at a smtp exchange server
the portal on iis sends out emails
this seems to work for a day or 2 then the emails stop going out
if i do a iisreset that will fix for another few days
then it fails again
i know i could schedule an iis reset but i would like to know why this is happening
We are using Oracle's Primavera Contract Manager that requires a SMTP server to send email but allows for no options to use anything that requires a username or password. So in order to make it work we have the IIS SMTP service setup that requires no authentication and anonymous access. This is a problem as it appears some outside source is using it to send bogus/spam emails. Any ideas if there are options to secure the smtp server service on the Windows 2012 server so it's not anonymous access to send? or possible some sort of free online smtp server? The ISP is Comcast which requires a username and password for smtp services so that will not work. Any thoughts? Or addiotional questions please feel free to ask and thank you in advance for your help.
Our website currently uses the following web.config file:


        <rule name="wordpress" patternSyntax="Wildcard">
            <match url="*"/>
                    <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true"/>
                    <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true"/>
            <action type="Rewrite" url="index.php"/>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
            <match url="(.*)"/>
                  <add input="{HTTPS}" pattern="off" ignoreCase="true"/>
            <action type="Redirect" redirectType="Permanent" url="{R:1}"/>


we have internal pages such as application, pricing, about-us, blog etc like:

what I want is to set a 1 to 1 301 redirection of the pages without https in the URLs to the respective https version pages of the site.
For example: Set a 301 redirect for the page to

Right now it gets redirected from to

The vendor who does our security audit express concern about SSL certificate we are using on our websites.  They mention version 3 and TLS v1 are not secured.  

I check the version of the cert we purchase is SHA-2.  

I usually purchase the latest version cert and apply it to my IIS website.  Are there additional things I need to do?

Please advise.  


I've got the existing Exchange Server 2013 Standard SP1 that is running as MBX&CAS role in one AD site called Default-First-Site-Name.
I want to decommission it so that I can run the both MBX & CAS on new Win2012 R2 VM so I can configure DAG on the other AD site called Head-Office1.

AD Site Default-First-Site-Name
PRODMAIL14-VM [Mailbox & Client Access Server] - Windows Server 2008 R2 existing legacy.
PRODMAIL15-VM [Mailbox server only] - Windows Server 2012 R2 newly built for DAG.

AD Site Head-Office1
PRODMAIL20-VM [Mailbox & Client Access Server] - Windows Server 2012 R2 existing newly built for DAG.

AD Site Default-First-Site-Name
PRODMAIL14-VM [Decommissioned]
PRODMAIL15-VM [Mailbox & Client Access Server] - Windows Server 2012 R2 setup for DAG with Head Office.

AD Site Head-Office1
PRODMAIL20-VM [Mailbox & Client Access Server] - Windows Server 2012 R2 existing newly built for DAG with PRODMAIL15-VM.

How to do that safely without causing email flow issue during the production business hours ?
What're the steps in installing CAS so that it does not cause any email flow during the business hours on PRODMAIL15-VM ?
If I install the windows update now during the business hours on PRODMAIL15-VM is there any impact or problem when I reboot it ?

Thanks, in advance.
I have set up and created a website in IIS 10.  I have posted the settings in screenshots below.  The issue is, I can access the website when I go to on my LOCAL PC that hosts the website, however when I go to the same on my phone or other PC not connected to my local network, it gives an error saying cannot find my website.  My question is, what am I missing that I cannot view my website from devices not on my local network?
Use Case: Protecting a Hybrid Cloud Infrastructure
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Hi guys. I have a situation where I have a dc with the domain.local setup. IIS was already setup for a database application. I've been asked to setup Microsoft work folders. Ports 443 are already in use.
I've setup the role, the service groups atc. However I'm stuck on the ssl part. Do I have to go for a public ssl very, do I need a public addressable domain name and an A record setup or is it possible to have a local domain do this. If a public domain is needed how do I get it to work with a .local private dc convention?
Hello all,

I've spent so many hours on this now and can't figure it out.

I've created a really basic proxy.pac file, published as a website in IIS7.

Chrome and Firefox show the contents of the pac file within the browser as plain text, this is good.

But Internet Explorer always tries to download the file when I go to the URL!

It's driving my crazy trying to figure this out!

Only specific changes I've made in IIS7 are...

- MIME type (.pac) = application/x-ns-proxy-autoconfig

- HTTP response header (Content-Type) = text/plain

I am an amateur at IIS, been working in IT for 13 years but first time looking at this stuff.

First time I've ever had to post anything technical on a forum because I'm completely stumped.

I'm sure it's going to be one simple setting somewhere that I've missed, But I must have clicked on every Google result ever trying to find the answer!

Screenshots attached.

Please help I will be so grateful  : - )

Thank you,



Michael hOGGATT

I've got two load balanced IIS servers that are balanced via F5 round robin load balancing to a shared SQL Backend and File Server, I will call the IIS servers 1 & 2. Both servers have a pretty evenly distributed load, with 2 normally seeing slightly more connections than 1. Somehow though, 1 seems to be experiencing more worker process CPU load across the application pools.

All IIS Settings appear to be the same, CPU wait time seems to be the same on the worker processes. I'm really struggling here to find any differences between the two sites.

Any help would be appreciated.

It's been a couple of times our user's credentials got comprised via phishing scheme. As the result, the hacker logged into that user's OWA account and remained logging in forever to read the email communication or download, etc. My question is, is there a way to detect a user(s) who remain logged in OWA for long time, say 10 hours, using IIS log file?
Hi Guys,

I am new to IIS.  I have a website in IIS (testsite) which I would like to publish internally.
The users are able to access the site currently by browsing to http://servername/testsite  (internally)

My question;

I've setup an internal A-record in DNS;

How do I add (bind) this internal A-record in IIS to this site?
Hello dears,

I have a problem with an application calleb vizbee that  deployed on a IIS SERVEUR and a DB sqlserver

but i have an access problem  see the picture
I tried to set up the POCA database (instructions:  and when I  try to connect to the database through the website, it shows the directory  and not the sign in page. Someone suggested the issue might be with IIS and not the actual database itself, but I don't know what it could be.

I can send over the log file, the web config file and also a screen shot of what I see when I try to connect if that helps. Instructions for the particular database I was trying to set up are above.
I have 1 website with 1 IP in IIS using both port 80 and port 443. I own 2 wild card certs, one for the external address ( and one of the internal address (

Current SSL certificate that's tied to port 443 is using the external Cert. And the website is reachable external via SSL without issues.
Internally we can reach the website using http on port 80 with the FQDN and that works fine

Management wants SSL applied to the internal web site instead of using http. One method I thought of was to add an additional IP to the website. In Local DNS add a new host name pointed to that IP. Bind the internal Cert to the IP on Port 443. Everyone goes to the website using the new FQDN. To get to the internal Site they using the new FQDN. The concern I have with this approach is that the server still has 2 IP's and local DNS will reflect that. If anything anywhere references the FQDN of the server they could end up getting an error or the wrong item displayed. I

what other options are there?
Optimize your web performance
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

i have installed a (test) web site (only the default web site generated by vs2015  on a iis who already have other web site.
I have asked to my isp to route point to my webserver with an url like
Everything work well with the home page, but when i click to another page i have an 404 error message.
 404 - File or directory not found.
The ressource you are looking for might have been removed, had it's name changed, or is temorarily unavailable.

I have checked already on the net for a solution but nothing changed.
I need help.
Thank you

I'm having an issue where we have domain, and there's currently a site under the Default Web Site that is working with it (Web Access). We also have two other sites under that same Default Web Site, but I can only access them by localhost or IP without https. We have a wildcard SSL cert installed, and it's working with the Web Access site. I'd like to be able to access both of the other sites using, but I can't get past the authentication. When I enter the url in the browser, I get an Authentication Required box, and I enter the local administrator credentials into it, but it doesn't authenticate. The box just reappears. I have given the IUSR account full access to the folder where the site resides in Windows. The authentication that is enabled for the working Web Access site is Anonymous and Windows Authentication. I have configured the other two sites to have the same authentication. If I cancel the Authentication Required box it gives me an 'access is denied' message which is expected of course. If I try to go to https://IPAddress/othersite it will allow me to enter the same local administrator username and password, and it will accept the login and take me to the site, but it crosses out the https, and says it's unsafe and to go back. If I click advanced and proceed, it will take me to the site. Please let me know if I can provide any other information.

Thanks in advance.

I had this question after viewing IIS Worker Process Uses 100% CPU.

Hey all

I've turned on logging to try and find the culprit why the cpu is getting hammered
But as an interim measure, I need to kill the process if the CPU is spiking for 1hr in case it happens when i'm sleeping and I'm not able to manually kill the process

I've looked into the setting on 2016 server and i see:

Limit (Percent)
Limit Action (i'll set this to Kill W3wp)
Limit Interval (minutes)

What I want to do is kill the process if the cpu doesn't drop below 80% for 45 mins
However, from what ive read, you can't just set 80% and 45 mins, because its an overall figure of total CPU use over 45 mins, and not if it stays at 80% and above for 45 mins

Any clarity on this would be useful and how i can acheive the goal
I am administrator and I have a server that is running a IIS service that processes large amounts of data.  The application pool has shutdown twice and I am being told that the reason is because the memory usage on the server is going over 50% and IIS is shutting down the service to protect the server.  Somehow I am finding this a little hard to believe, but I cannot disprove the statement.  

Hi All,

for our Webpage, we are using IIS Windows Authentication for our staff members to create order forms,

we would like to have the user who submitted the Order to get a Notification email,

how do I go about getting the current logged on users e-mail address which is on our from our domain controller within

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.