Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear Experts

Microsoft AD FS server installed and configured post installation this required to install the SSL certificate and complete the configuration , please help to understand if to change the certificate which is already configured for ADFS to new certificate where all the configuration changes to made, I mean how to re-configure adfs OR assign the new SSL certificate to the ADFS sever, can you please list the changes to be done and where all the changes and what all to be done please.
Cloud Class® Course: Microsoft Exchange Server
LVL 12
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

How to resolve 500 error on web page? I did deploy the web project properly but why did the following error comes out?
In the process of migrating a SBS 2011 domain to Servre 2016, Exchange and SharePoint were removed to clean up AD.  However, a short time later several SP users cried ouch that some of their data had not been moved.  By then, the backups for the server had been aged off.  SharePoint was re-installed, but it also crashed all of the web services on the server.  Certainly getting those going would be great, but after a whole lot of time and energy, we tried a different tack: created a new, fresh SBS and am attempting to attach the content database from the original server.

The obvious way to do this, I believe, would be to back up the database, create a new instance on the new SBS, and import the data.  Well, that didn't go so well.  The attempt to back up the database on the old server keeps failing.  So plan B -> copy the data base to the new SBS, attach it as content database, but of course it has no usable credentials on the new server.

Here are my questions:

1. How do I take ownership of the database with credentials from the new server?
    I looked at some of the PowerShell commands but they require -identity and I can't come up with that from IE where I am supposed to see it I think.

2. How can I get it to backup on the old server, and would import then solve the problem?
    I have no idea why I am getting an error on backing this up; the newer content database backs up just fine.

3. How can I fix the web services on the old computer?
    Well this …
Error when accessing SharePoint externally via Internet Explorer with URL in Local Intranet Zone Internet Explorer

After a migration from SharePoint 2013 to SharePoint 2016, users accessing SharePoint externally using Internet Explorer receive the error;

The connection to the website was reset.

I have isolated it to having the URL “” added to the “Local Intranet” Zone in Internet Explorer.

Users that are internal/VPN or that are using Chrome, are not impacted.

If I remove our SharePoint from the Local Intranet zone, we lose our Single Sign on and everybody in the agency has the enter their credentials every time to access SharePoint.

I confirmed that we are not having this issue in our 2013 environment.
I have installed IIS 10 on Win 2016 and have done nothing except tried to access the 'Default Web Site'. So if the server is called '' in any browser I goto '' and I would expect to see the IIS standard page. This does not happen.

What does happen is that the page comes up with:
HTTP Error 503. The service is unavailable.

When I look back at the IIS Manager in the 'Application Pools' section I can see that 'DefaultAppPool' has stopped. It seems as soon as I try to access the site the app pool crashes.

Additionally there are no logs produced and errors in the machine's event log. The errors are multiple copies of:
The worker process failed to initialize correctly and therefore could not be started.  The data is the error.
(Soruce: IIS-W3SVC-WP, EventID: 2276)

After some head-scratching and testing I found the problem but I am still unclear as to the cause.

The problem was that in the 'Advanced settings' of the 'DefaultAppPool' the identity is set to 'ApplicationPoolIdentity' but when I change it to 'LocalSystem' and restart the 'DefaultAppPool' pool everything works as expected:
  • In the browser the IIS page show as expected
  • There are no errors in the machine's event log
  • The pool does not crash
  • The logs are being produced in [C:\inetpub\logs\LogFiles\W3SVC1] (and the 'LogFiles' folder was automatically created - which it wasn't before).

Having a problem with IIS to redirect URL to specific site.

Setup in IIS 8 :
servername:  webserver1
Sites in webserver1:  
* Default Site   :https port 443
* site2  :https port 2222
* site3  :https port 3333

I created A host DNS record named:  site2  that poiting to  webserver1

Problem+want to achieve:

when I type in URL:  https://site2  I want to reach the site2 that on port 2222
The problem is when I type now site2  I reach to the default web site on port 443 ranther than site2.   Of course If I type:  https://site2:2222 everything works fine.

How can I redirect so I'll only have to type  site2  and it will start the site2 over port 2222 ?
Installed URL rewrite and tried multiple pattern but nothing works as it always looks after the '/' not the hostname. should be simple talks

Thanks in Advance.
I have a requirement to change the actual URLs used for better SEO.  For example, here is a current URL:

I would like to transform it using inbound/outbound edits in the web.config to:

All of the URLs are created dynamically so I need to use URL matching to achieve this.
When I upload an image to the Wordpress media section the permissions for the file uploaded are not propagating correctly.
I am using a temp folder in the website for the upload process and the IIS_Iusrs group is not getting read permission on the image.

the temp folder and the upload folder has the IIS_Iusrs group set to full control but the image uploaded they end with special permissions which indicate that the group can see the file but not read it.

any resized images of the original do get the correct permissions for all groups and users (full control).

I have replaced the permission (resetting inheritance several times) and created a new folder for the image to upload into.
Resetting the permission manually does hold and you can view the image via browser.

I am working on a Wordpress website running under IIS on a windows 2016 server.
Since installing multiple windows updates on an SBS 20008 server  the default company web is unavailable as users are presented with the page HTTP 404 page not found, i have gone through various troubleshooting steps including IIS reset but still unable to resolve.

Any ideas?
Cloud Class® Course: C++ 11 Fundamentals
LVL 12
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Is it possible to apply a setting within the web.config which target only a single application with an IIS application? We have an IIS application with 3 websites. Only one website is willing to change their security to HTTPS. Now for adding some more security we want to add some sections to the web.config like:

"<httpCookies httpOnlyCookies="true" requireSSL="true"/>" 

Open in new window

This setting will break the application which do not use a SSL certificate. How can I accomplish that this setting only target a specific site (domain)?

I have a website in IIS 8.5 and I have 2 domains pointed to the site and using the site bindings. Everything was working fine until 2 days ago when the started to give me Error:

404 - File or directory not found.

The works perfectly and it is weird because the error just happens on Chrome or Firefox on multiple machines. Edge works fine and also Android devices show the correct page.

I cleaned cookies and cache on both browsers, confirm that IIS has the correct Application pool for .net 2.0 classic mode, that the default document is listed in IIS and nothing works. If I add the default website to web.config the website doesn't load because it is inheriting the default website from parent. What could be the problem? Any help will be appreciate it.

I've got a website on shared hosting platform that I think go messed up when they updated the .net framework on the server.  I have several sites that are currently not working correctly.  I don't have direct access to the server so that kind of makes it difficult to troubleshoot directly.  So I have to keep emailing their support.

The site I am currently having an issues with is, I use a framework from for my database calls, it uses a combination of javascript and for the functions.  The site is written in classic asp.  So what started happening is my asp database driven sections aren't working.

I get this error: 006~ASP 0178~Server.CreateObject Access Error~The call to Server.CreateObject failed while checking permissions. Access is denied to this object.

The developer(dmxzone) believes the issue is with the permissions on the should have read/read&execute.

I'm at a loss of what to do or direction to take.  If you load just this page: it will show you all the errors being kicked up.  Sites worked perfectly until the .net updates.

{"type":"Error","fileName":"lib/core/parser.asp","lineNumber":86,"message":"006~ASP 0178~Server.CreateObject Access Error~The call to Server.CreateObject failed while checking permissions. Access is denied to this 

Open in new window

I've been tasked to resolve this vulnerability but i cant figure out where to even update this at. Where does one go on their servers to change this? Its flagged for our email domain.

Vulnerability Class Improper Input Handling
Additional Information host_header
Status Open
Rating Medium (customized)
Opened 2018-07-17 06:38:56 -0700

Custom Solution In Apache ( and Nginx
( you can make SERVER_NAME trustworthy
which can be done by creating a dummy vhost that catches all requests with invalid Host headers. Another method under
Nginx is to specify a non-wildcard SERVER_NAME ( and under Apache
you can use a non-wildcard serverName ( and turning the
UseCanonicalName directive on.

In IIS one method is to have proper bindings setup with a specified host header
( so that if someone changes the host
header it will not reach the web site on IIS.

Alternatively, at the application level, you can attempt to validate any values coming from the Host or X-Forwarded-Host
request headers using a whitelist of acceptable values. You can also choose not to use host header values that come from
The …
Hi EE! :)

Our website has been working flawlessly until recently - we noticed that some pages began to intermittently load slowly, hanging for somewhere between 10-30 seconds, sometimes loading successfully after a considerable wait, but in many cases leading the application in the app pool to hang for a long time, and sometimes requiring a manual restart of IIS. Even restarting IIS takes a long time when it's hanging.

The website is several years old and coded in classic ASP/VB - the pages seemingly causing the bother are fairly heavy ones in regard to sever side code with lots of recordsets etc, but have NEVER caused any problems until the last couple of weeks or so.

The website app runs in 32bit compatibility mode set in the IIS apppool (We use 32bit mode as we're connecting to a 32bit mysql database on another server via win-mysql 32bit ODBC connector)

Where things stand currently:

  • No changes have been made to our classic ASP application source code.
  • No applications were installed recently on the server.
  • No changes made to the website conf/app in IIS
  • Disk space looks fine. Disk check OK. CPU looks OK.

What I have done so far without success:

  • Deleted website & app in IIS and recreated.
  • Isolated website in IIS - turned all other websites and apps off.
  • Uninstalled windows updates < 80 days (I have since reinstalled after discovering it made no difference)
  • Performed a system restore of server state/config < 75 days
We have an IIS website that allows employees to enter their time.  We recently had to make some adjustments to the main database (on a different server). However, now no one can access the website. It just times out.  However, If I go to the server it is hosted on and test the website, it comes up fine.  I am assuming I have some setting or permission wrong in the IIS settings?  Not sure how it changed.  Can someone point me to what I might need to look for?  Thank you.
Hi, can I know what is the problem based on the image ?

Do you have any solution to solve this problem ? I make a link in my website page, then when I click that link, it goes to that image.

The problem is : server error. 403 forbidden: Access is denied. You do not have a permission to view this directory or page using the credentials that you supplied.


I have an IIS 6.0 server based on Windows 2003 Enterprise SP2. We have cloned the server because we need a controlled testing environment but when trying to change the connection string in the application to redirect to another database name (the database is only being renamed in another environment). There is a login problem with the application

<add name="CC_DBAUSA_SOL2" connectionString="Data Source=SERVER1;Initial Catalog=DB1_A;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>
		<add name="CC_DBAUSA_SOL3" connectionString="Data Source=SERVER1;Initial Catalog=DB1;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>

Open in new window

Not working:

<add name="CC_DBAUSA_SOL2" connectionString="Data Source=SERVER1;Initial Catalog=DB1_A;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>
		<add name="CC_DBAUSA_SOL3" connectionString="Data Source=SERVER1;Initial Catalog=ALIAS;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>

Open in new window

Not working:

<add name="CC_DBAUSA_SOL2" connectionString="Data Source=SERVER2;Initial Catalog=DB1_A;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>
		<add name="CC_DBAUSA_SOL3" connectionString="Data Source=SERVER2;Initial Catalog=DB1;User ID=test;Password=test1" providerName="System.Data.SqlClient"/>

Open in new window

The app's website always loads but when I make changes to the connection string I always have the same problem with the login: Wrong user/password or no access to the system

I'd really appreciate it if you could help me find out where the mistake might be

We have two IIS servers, sharing the same public ip, one receives all (443) requests and the other all (80) requests (port).

We have a website on Server(80) that needs to have SSL and cannot be moved to the (443) server.
I managed to use Url Rewrite on (443) server so if a clientes uses the https:// it will display the correct webpage using SSL, as I understand, it will pass through Server(443) and using a reverse proxy to reach Server(80).

I want to be able that if someone dosen´t add "https" to theURL, it will automatically change to https to secure the connection:
My problem is that I cannot make it work (using URL Rewrite) on Server(80), that if someone uses http:// (it will read from Server(80), force them to use SSL(443) using Rewrite…
Is this possible? can someone help me?
Cloud Class® Course: Microsoft Office 2010
LVL 12
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.


I encountered this error with my APP of the cert is expired. we've renew it but still can't work on the app. see attached error for your kind advice. Tks.
Hi Everyone,

Need help and advice. See attachment in word document.

11, Verion 11.0.9600.18204
Update Version 11.0.28
User need to use IE 7 above and connected to wire network not other browsers and wifi

Unable to Display Embedded link Picture / Icon properly
Browse to this Intranet site from IE o

Require to uncheck the Display intranet sites in Compatibility View

We need the “Display intranet site in Compatibility View” to be always checked for other sites so can’t uncheck this feature.
Thus, Is there any other workaround ways to exclude only this site just to uncheck the display intranet sites in compatibility view and not affected other sites  


Hi ,

I have a strange problem facing from today morning that ,outlook users keep getting disconnected from outlook interminently . OWA is working fine .
Im using exchange server 2013 enterprise . 2 cas and 2 mbx servers running on windows 2012
I am running a Windows 2016 server with Plesk and as part of the Plesk statistics I am able to capture the bandwidth of each hosted website and produce monthly reports.

Is there a way in which I can capture average CPU usage of websites and produce reports in a similar manner? I can only do so in real time but I would like this captured for use in my monthly reports. Perhaps an ideal statistic is to log how many times the CPU goes over a specific percentage CPU threshold.
I need to export all the sites/configurations in IIS from an IIS 8.5 installation to IIS 10.  When I try using shared configuration the majority of my IIS icons on  IIS 10  are gone.  What's the best way to copy all my sites, app Pools and configuraitons from IIS 8.5 to IIS 10?

We have a web server running on Windows 2008 SBS. Windows updates up to date.

The website uses a third party payment called securepay and now it only accepts TLS 1.2.

How can make our web server to send TLS 1.2 as a default then if it is rejected then send TLS 1.1 or TLS 1.0?


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.