[Webinar] Streamline your web hosting managementRegister Today


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello all,

I try to load balance my web app  using  nginx but  I get 404 instead my app.
All my backend (MS IIS) work fine when  I try to query directely.

Here is screeshot of headers when I query my bakend directely

Here is my nginx config that return 404

upstream mywebapp {
    keepalive 16;
    server {
    listen 443 ssl;
    server_name  test.mywebapp.fr;
    #client_max_body_size  10m;
    ssl  on;
   location / {
   proxy_pass  http://mywebapp;
   proxy_http_version 1.1;
   proxy_set_header        X-Forwarded-For    $proxy_add_x_forwarded_for;
   proxy_set_header        X-Forwarded-Host   $host:443;
   proxy_set_header        X-Forwarded-Server $host;
   proxy_set_header        X-Forwarded-Port   443;
   proxy_set_header        X-Forwarded-Proto  https;
   proxy_set_header       Connection "";
   proxy_set_header       Connection "";
   proxy_read_timeout   60m;
   proxy_pass_request_headers on;

Open in new window

Can you help me please?
The 14th Annual Expert Award Winners
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!


Windows Server 2012 R2 Standard - IIS 6.2

I'm getting the below error for one of my AppPools quite often:

A process serving application pool 'poolnamel' failed to respond to a ping. The process id was '23636'.

Do you know what could be causing this?

I had this question after viewing Publish asp.net  Website but folder is empty.

i am publish web side but not any file copy

Need help with an issue we are currently facing with Windows server 2012 and IIS 8.  Recently installed ssl certificate but when accessing our application, it is not showing as secure.  We setup binding with IP address (public) and port numbers which link to the applications.  Unfortunately...in the browser, it is not showing as secure.

Please help
Newly configured FTP site on a 2008R2 VM. Server is a standalone (not in the LAN domain) but has same IP scheeme to try to isolate so rest of network is safe as can from intrusion.

I have it configured to go to the proper folder and when expolre it from the IIS Mang it goes to the proper location. But when come in from outside it is opening up to C:\inetpub\wwwroot. I have gone through all the settings that I thought would impact matching to other ftp servers I work on that functions as supposed to. Also while I config a seperate user only the administrator is passing through.

We are currently trying to get our macOS devices to play nice with Windows Authentication websites we host for a variety of 'intranet' websites for various staff services at our college.
As I understand it, we have IIS Web Servers hosting things like our staff home page, a forms system and a student landing page. These all authenticate using 'Windows Authentication' with 'Negotiate' and 'NTLM' set in the 'Providers' box.
These IIS servers are bound to an Active Directory, as are the macOS devices. When a user logs into, say, a MacBook on the domain using their domain credentials, I was under the assumption that Safari would simply 'just work' with NTLM auth and 'pass through' their domain credentials to access our internal web pages. This does not happen, however, and they are prompted for a username and password for each individual website we are hosting.

I have tried changing the trusted NTLM settings in Firefox and using this instead, however, the same thing happens and users are prompted to enter their credentials.
I must be missing something here and it may very well have something to do with our IIS setup.
I was also under the impression that Windows Auth made use of Kerberos authentication, and I have checked and verified that users are received a Kerberos ticket upon login on the Macs. However, this doesn't seem to be used for authenticating against our websites, even when explicitly setting Kerberos as a provider for authentication in IIS.

Any clues …
After upgrading to Windows 10, my local Development Copy of the code using my local IIS Express Version 10 is unable to get the current HttpContext.  The same code
works on our Development and Live Server that are running IIS 8.5.    I need help updating the code since it appears I can't use HttpContext.Current anymore.  

/// <summary>
        /// Returns the URL for this link
        /// </summary> 
        public string trueUrl
                if (url != null)
                    return url;

                if (HttpContext.Current != null)
                    var urlhelper = new UrlHelper(HttpContext.Current.Request.RequestContext);
                    return urlhelper.Action(action, controller, new { area = area });

                return "ERROR";

Open in new window

I have set up an internal SMTP Virtual Server relay in IIS that I want to use to relay LOB App messages to Office 365.

I am able to use it, but ONLY if the sender of the message matched the address placed in the Outbound Security > Basic Authentication field.

How can I make this work so that I any valid LOB App sender (with a valid O365 mailbox) can send through it, I just want to limit it to IP addresses later for security.

Thanks in advance.
Hello! I have an Exchange server 2016 installed, I installed on the same server a Visual Studio Team Foundation Server, after the installation the whole default web site disappeared from the owa, which has the owa, ecp etc. I recovered the default web site from an iis backup, but the owa, the ecp, and the Exchange Management Console are not working. When I want to open the owa or ecp I got an 500 error. It has problem with the custom error module... What should be the problem? Sorry for my english!
Hello all
We have ADFS on server 2012 R2.
We have the single sign on page showing nicely and all working good.
However, we have another domain the belong to us called company2.org it also points to the same ADFS site.
We are hoping when company2.org visitors visit the site, they get company2 logo page.
When company1.org visit the same site, they get comapny1 login page.

Is there a way we can customize that ?

Thank you
Free Tool: ZipGrep
LVL 11
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.


We are setting up a windows based server that will host a company website. We need to implement monitoring and protection tools. We need  to monitor if there is any hardware/software faults and if the server is under any kind of attack.

What tools can you recommend us?

Thank you
we have been getting Dynatrace alerts reagrding Long Garbage collections that suspend the app pools on our IIS servers.

Usually what we would do to resolve the issue was to recycle the app pool.

We need to know how can you check if an app pool is suspended, and how to check which objects need are taking the most time during the garbage collection?
I have secured classic asp web application and I want
instead of having a link format of:

I want to display, URL format like:

Option 1 hide the .asp extension

or Option 2 replace generic word

or Option 3 replace .aspx in place of .asp
We started getting this error on our intranet server yesterday. Nothing had changed on the server at all.
Here are the things I have tried so far today:
1. Rebooted server (no change)
2. Dropped from domain and readded/restarted (no change)
3. Reset machine password via PowerShell (no change)
4. Renamed the machine/restarted (no change)

What else can I do to get this issue resolved? Here is the stack trace - I'm just stumped.

[SystemException: The trust relationship between the primary domain and the trusted domain failed.
   System.Security.Principal.NTAccount.TranslateToSids(IdentityReferenceCollection sourceAccounts, Boolean& someFailed) +1242
   System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess) +54
   System.Security.Principal.WindowsPrincipal.IsInRole(String role) +151
   System.Web.Configuration.AuthorizationRule.IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) +112
   System.Web.Configuration.AuthorizationRule.IsUserAllowed(IPrincipal user, String verb) +182
   System.Web.Configuration.AuthorizationRuleCollection.IsUserAllowed(IPrincipal user, String verb) +256
   System.Web.Security.UrlAuthorizationModule.OnEnter(Object source, EventArgs eventArgs) +310
   System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +139
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +91

Open in new window

HI, I have two severs I that host websites.  I am trying to get them to sycnonize across same subnet.  Older version was easy IIS10 for the life of me I can't seem to get this to work.
hi, i want to setup reverse proxy on virtual directory level and any request on this vd should rewrite the url to another server with different path and query string. I Am trying to use .net core 2.0, it works fine when i use middleware to perform the reverse proxy, but it breaks when i publish it to virtual directory. So i want to do like
http://localhost:5001/a/b/c and rewrite this path to http://anotherserver/a/b/c. But when i publish it becomes
and it is converting to
how can i make it to rewrite the url as  http://anotherserver/a/b/c in virtual dir scenario.

Please note : in middleware or in iis rewrite it works in website scenario. I am trying to make it work in virtual dir scenario
I want to create an IIS URL rewrite rule which should make the site to respond with the same content on any request. This rule is to be applied when the site goes under a maintenance.
My rule looks like the following:
                <rule name="Stub" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
                    <match url=".*" />
                    <action type="Rewrite" url="/maintenance.htm?URL={R:0}" appendQueryString="true" logRewrittenUrl="true" />
                        <add input="{REMOTE_ADDR}" pattern="" negate="true" />
                        <add input="{REMOTE_ADDR}" pattern="172.31.3" negate="true" />

Open in new window

It works perfectly for any request to resources in the root folder. But on any request to a sub-directory the server responds with 403 Forbidden

For example, a request like http://mysite.com/s.gif correctly returns the content of the file maintenance.htm (located in the site's root folder), but a request like http://mysite.com/2/s.gif  returns
 <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>

Open in new window

(there is a file /2/s.gif and it is correctly returned when the rule is disabled).
In the W3SVC log file I can see:
2017-12-20 22:01:36 GET /maintenance.htm URL=2/s.gif 443 - Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:52.0)+Gecko/20100101+Sea-Monkey/2.49.1+(similar+to+Firefox/52.0) - 403 18 0 78

Open in new window

Please help.

I am a web developer, not a server administrator. Due to unfortunate circumstances at my office, we no longer have staff that manages our servers, and I have been asked to get our server PCI compliant. Good times. The server is running Windows 2008 R2 64 Bit. There were 9 issues and I have resolved 7 of them. I am having a hard time with the last two. I have been reading for the last two days and I am still unclear how to resolve the issues. Hopefully someone here has the missing pieces I am looking for.

The two issues are:

1. SSL/TLS Weak Encryption Algorithms
2. Reflected Cross-Site Scripting Vulnerability

I don't want to over simplify the solution, but if there's anyone out there who can help me resolve these two items I'd appreciate it. I've included a screenshot of IIS Crypto 2.0 below.


Thanks for any guidance.
Our SharePoint 2010 farm occasionally locks up and we have to reset IIS (or just do an application pool restart) on a specific web front end to bring things back.

We haven't been able to identify a root cause from looking at standard logs, and we're not really sure how to trouble-shoot it. Any ideas on how we can narrow things down?
Take Control of Web Hosting For Your Clients
LVL 11
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Well I would like to build a e-commerce site in .net  
I stucked in designing the DB tables , and my problem IS:

let us say I need as a seller to sell a 2 products :
1. ring
2. cat

the "Ring" product have this fields:
A. category :"Product"
B. CategoryType : "jewelry"
C. ProductCondition: "New"
D. ProductMaterial: "Silver"

the "Cat" producthave this fields:
A. category :"Product"
B. CategoryType : "Pet"
C. Age : "1 year"
D. Color : "White"

It means , that will be MANY products at same category  with VARY different fields/sub-category .
how can i solve this problem in designing the DB field/tables/relations between each other?
Hi to all,

I want to redirect subdomains to another subdomains and was wondering if anyone can provide a simpler solution.

This is what I'm trying to achieve.
domain1.olddomain.com redirect to domain1.newdomain.com
domain2.olddomain.com redirect to domain2.newdomain.com
domain3.olddomain.com redicect to domain3.newdomain.com

My solution is to add the rules on each web.config file for each site but is it possible to have it on the applicationhost.config

                <rule name="Redirect to new subdomain" stopProcessing="true">
                    <match url="(.*)" />
                    <action type="Redirect" url="https://domain1.newdomain.com/{R:0}" />

After a security review of our new WordPress site it was pointed out that we're vulnerable to "External Service Redirecton - DNS". Specifically, if a URL is entered into the "Your Name" field of our Contact 7 Form then the testers have found that: "It was possible to induce the application to perform server-side DNS lookups of arbitrary domain names"

The suggested remedial action is to implement a whitelist of permitted services and hosts and to block interaction not on this whitelist.

I'm something of a newbie when it comes to this, and it occured to me (perhaps wrongly!) that there may be different whitelists; one for those who cannot enter the site, and a separate for sites to which our server is allowed to speak. Or does a whitelist imply both ways?

Anyway, all help on this gratefully received and I'm imagining this is something that's been done a zillion times before!

I'm using IIS and would prefer that answer, although Apache related help just as good because I've realised I can kind of 'translate' how to do it once I've got the idea.

Thanks in advance Iain
Hi, Im getting following error Messages

HTTP Error 500.21 - Internal Server Error
Handler "ExtensionlessUrlHandler-Integrated-4.0" has a bad module "ManagedPipelineHandler" in its module list

I have run following command  no results

c:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -I

%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -i

I need to setup a quick FTP site on a domain server and I am stuck.  Someone please help...

Here are the steps I have done:
create a local user.  This local user is in the USERS local group and have login locally right.
Open up Windows Explorer
create a ftproot folder in my E drive
grant users read only, administrators R/W
create a ftp site in IIS
specify physical path to point to the ftproot folder
enable virtual host names - myftp.mydomain.com
no ssl
basic authentication
specify a local user to have R/W
create a local DNS A record for myftp.mydomain.com

I open up a DOS prompt on a domain workstation and type ftp myftp.mydomain.com
I am getting this error: 530 user cannot log in, home directory inaccessible.
The Report Viewer Web Control HTTP Handler has not been registered in the application's web.config file. Add <add verb="*" path="Reserved.ReportViewerWebControl.axd" type = "Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=, Culture=neutral, PublicKeyToken=89845dcd8080cc91" /> to the system.web/httpHandlers section of the web.config file, or add <add name="ReportViewerWebControlHandler" preCondition="integratedMode" verb="*" path="Reserved.ReportViewerWebControl.axd" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=, Culture=neutral, PublicKeyToken=89845dcd8080cc91" /> to the system.webServer/handlers section for Internet Information Services 7 or later.

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.