[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am trying to redirect (301) from internaltaichiny.com (and from two other aliases, see below) to internal-tai-chi-ny.com on a Windows Server 2008 running IIS. The redirection is working (with or without www) for the plain domain, but does not quite work when there is a query string e.g. http://www.internaltaichiny.com/about. It shows the correct page, but should change to "internal-tai-chi-ny.com".

Here is the relevant part of web.config in the root. I added the clear command and the first two "add" statements in an attempt to get this to work. I also rebooted the server (during off hours) to see if there was caching causing my changes to be ignored.

  <clear />
  <rule name="Redirect Aliases with query" stopProcessing="true">
      <match url="(\/\/.*\.com)(\/.*)" ignoreCase="true" />
      <conditions logicalGrouping="MatchAny">
            <add input="{HTTP_HOST}" pattern=".*" />
            <add input="{HTTPS_HOST}" pattern=".*" />
            <add input="{HTTP_HOST}" pattern="(.*internaltaichichuan\.com)(.*)" />
            <add input="{HTTPS_HOST}" pattern="(.*internaltaichichuan\.com)(.*)" />
            <add input="{HTTP_HOST}" pattern="(.*internal-tai-chi-chuan\.com)(.*)" />
            <add input="{HTTPS_HOST}" pattern="(.*internal-tai-chi-chuan\.com)(.*)" />
            <add input="{HTTP_HOST}" pattern="(.*internaltaichiny\.com)(.*)" />
            <add input="{HTTPS_HOST}" pattern="(.*internaltaichiny\.com)(.*)" />
10 Tips to Protect Your Business from Ransomware
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.


I have launched a transactional website a few days back on IIS on server 2012. The web page records transactions to a list below the main form one the user save it. The save generally refreshes the web page and takes 30 seconds to refresh.

Can someone guide me as to how i can optimize IIS version 8 to make the web page run faster.

IIS website on Server 2012 R2.  Website works fine until the server console is logged out. Then the site produces a 500 internal server error.  If we login the server to the desktop the site then works again.  What am I missing in IIS to make this happen?  We shouldn't need to login to the server for the website to function.

Any help would be appreciated.
Good Day,

I need assistance with config in a proxy.pac file.

In the file I need to specify that if the traffic is from a certain subnet then it needs to go directly to the internet and bypass our proxy appliance.

Currently there are statements stating that if the destination is a specific subnet then it returns "DIRECT", but I need to add a source subnet in there.

In the .pac file I have statements like this:

var resolved_ip = dnsResolve(host);
    if (     isInNet(resolved_ip,"","")
        || isInNet(resolved_ip,"","")
        || isInNet(resolved_ip,"","")
        || isInNet(resolved_ip,"","")
          || isInNet(host, "", "")
          || isPlainHostName(host)
          || localHostOrDomainIs(host, "")

      return       "DIRECT";

      return "PROXY";

So I need to add a statement in that top part that says if the soure of the traffic is a specific subnet ( then it must also return "DIRECT".

Thanks for any assistance.
Hi Experts ,

I have 2 Exchange servers , both running Exchange 2013 in the same domain.
1st Server is Srv3 which was the first Server setup and running Exchange 2013, the 2nd Server is Srv6 this is the 2nd Server running Exchange 2013.
I want to decommission Srv3 and make Srv6 my main and only exchange server.
I have moved my mailboxes across to Srv6 and have purchased a comodo payed cert and this is also installed on Srv6.
Srv3 has a self signed cert installed.
I am looking for some help on decommissioning Srv3 and making Srv6 my primary and only exchange Server.
if I turn off Srv3. I can access my Mailboxes and I can sent mail as now going trough Srv6, but can't receive mail or get to my e-mail remotely (owa).
if I try and setup the receive connector on Srv6 to be the same as Srv3 but  it won't let me.
Any help or advise would be greatly appreciated
Thank you.

Windows Server 2016
Internet Information Systems (IIS) v10


I have an IBM supplied script which creates a new application pool called 'analysis' and a corisponding virtual directory

The new app pool and 'DefaultAppPool' keeps crashing / stopping as soon as you try to access their URLs.

Looking at the event log the issue is that neither pool has permissions to access their on-disk folder's that their respective virtual directories represent. For the 'DefaultAppPool' this is [C:\inetpub\wwwroot]

Both app pools are running under the standard (and recommended / best-practice)  'ApplicationPoolIdentity'.


1) How can correctly I give the app pools permission (or rather the  'DefaultAppPool' virtual user) permission to these folders.

2) How could these folders (especially the 'DefaultAppPool' loose permission ?
I manage a web site that utilizes IIS with Windows Server 2016.
Users login with their Windows account credentials.

If I check mark - user must update password on next logon - the user received the regular prompt and cannot log in.

How can I add the logon options to update/change password to my website?
Hello experts,

Good day to you all. I would like to have an experts opinion or knowledge-base article on how to enable ssl using self-signed certificated in windows server (iis).?

Currently, we have an active directory (****.local) domain with a child server (hrms.****.local).
In this child server Windows IIS is enabled and currently working with http binding only on port 8080 (tcp).
Now we want to implement https binding and restrict http access.
Kindly help me through this with your valuable advice.

note - It is an ASP .net application for our company internal usage.

Thanks & Regards,

Mohamed Marzook
I installed Wordpress on IIS 10 on windows server 2016. Everything works fine. Now I need to make sure the wordpress is secure, I can make all the core files read only which is what i did, but  in doing so I have to manually update wordpress or change the rights update and change it back.
Wordpress has a bunch of methods to secure it https://codex.wordpress.org/Hardening_WordPress, but do I set these security measures on IIS.

There are so many IIS redirect questions. I've looked through many but they all seem to look to redirect to a sub domain. I have the opposite issue. Warning, NOT an IIS admin.

Our vendor setup our new server. Everything works great. Except the site is as follows (not real of course):  www.site.com/sandwich/yummy.aspx. The site will not answer any other responses. I'm looking for www.site.com to redirect to the actual live app of www.site.com/sandwich/yummy.aspx.

My initial gut feeling says to create a new Virtual Directory, type in the details and Bob's your uncle. But I'm not sure of this.

Thoughts from the community, please.

Windows Server 2008R2
IIS 6.1
Fundamentals of JavaScript
LVL 12
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

I have a script to generate app pools and sites
I want for some sites that the anonymous authentication uses the app pool identity
I know how to do that in the IISmanager but I have a script

this is part of the script
%1 is paramater site name %webloc% is path

%systemroot%\system32\inetsrv\appcmd.exe add apppool /name:www.%1
%systemroot%\system32\inetsrv\AppCmd add site /name:www.%1 /physicalPath:%WebLoc%\www.%1\website /bindings:http/*:80:www.%1
%systemroot%\system32\inetsrv\appcmd set app /app.name:www.%1/ /applicationPool:www.%1
%systemroot%\system32\inetsrv\appcmd set apppool /apppool.name:www.%1 /managedRuntimeVersion:v4.0

This is what my question is about to use the application pool identity as anon user
%systemroot%\system32\inetsrv\appcmd set config /app.name:www.%1/ -section:anonymousAuthentication /username:"" --password
will /app.name:www.%1 work as site name?

or should it be
%systemroot%\system32\inetsrv\appcmd set config www.%1 -section:anonymousAuthentication /username:"" --password
We have a Windows 2012 server with Coldfusion 11 installed and 4 websites running on it in Production. We've set up a new Windows 2012 server, and I just installed the latest version of Coldfusion, Coldfusion 2018, on it. I copied over the website code from the other server, and went into IIS and made sure the settings (those I know of) were the same. I also went into the CFADMIN to make sure all the settings were identical to the sites on other server.

Opening up a browser on the new server, I can put the IP address into the browser and can see the site up and running. However, when I'm not on the server I cannot see the site when I put the IP address in a browser. By not see, I mean I get a 500 internal server error. So what have I missed?

For example (not real IP address):
Works fine - On the Prod server:
Works fine - Not on the Prod server:
Works fine - On the New server:
Not working - Not on the New server:

Any help would be appreciated.  I have a Senior Coldfusion Developer skill set. I'm not a server administrator. Although, that is my task with this particular project.
Received SharePoint 2013 server runtime error in '/' Application

<!-- Web.Config Configuration File -->

        <customErrors mode="Off"/>

<!-- Web.Config Configuration File -->

        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
Dear Experts

We recently deployed CRM application which is web based and deployed on windows 2012 R2  running IIS and MSSQL 2012, webserver is separate and MSSQL is separate both have enough RAM and CPU but users are experiencing slow, please suggest what could be causing this, how to do performance tuning for  IIS 8.5 and MSSQL performance tuning please suggest.

we are in progress of migrating an Exchange 2013 to Exchange 2016.

Clients are already connecting through the new CAS Server (Exchange 2016) to their Mailbox on Exchange 2013.

Some Clients can not connect to some of the Mailboxes (Offline Mode) - also some clients have connections to shared mailboxes and have problems with only some of them, so not possible to limit it to specific users or outlook clients.

On Exchange 2013 we get the http errors in the log:


2018-10-29 10:00:27 x.x.x.x 19221 x.x.x.x 444 HTTP/1.1 RPC_IN_DATA /rpc/rpcproxy.dll?server.localdomain:6001 400 2 BadRequest MSExchangeRpcProxyAppPool

Open in new window

On the Exchange 2016 Errors are visible in the HttpProxy RpcHttp Log (<Exchange Server Install Path>\Logging\HttpProxy\RpcHttp)

HttpStatus: 200
BackEndStatus: 200
ErrorCode: InternalServerError      

ProxyAction: Proxy
GenericErrors: StreamProxy=StreamProxy-Response-ExpectReadCallback;PossibleException=IOException;

Outlook 2010 connecting through Exchange 2016 CU11 on Windows Server 2016 to Mailboxes on an Exchange 2013 CU20 on Windows Server 2012

Any Idea how to troubleshoot further?

(the Exchange is only available in the local domain, not possible to try testconnectivity.microsoft.com)
Dear Experts

We have done integration for the CRM application with external web portal, the CRM application is behind firewall and the web portal is in public cloud, integration is done through WEB API from the CRM application we able to update the records to the web portal but from the web portal records are not creating or updating in CRM application. Please help on the following
1.      As this is windows server 2012 installed with IIS how do we check the request from web portal which is from internet is hitting to CRM application.
2.      CRM application is not showing up any logs hence how to check it from windows server level and IIS
Please suggest. thanks in advance.
I have 2 load balanced server running a website using 1 application pool, IIS web server logs warnings

A process serving application pool 'AppPool' exceeded time limits during shut down. The process id was '5776'.
A process serving application pool 'AppPool' exceeded time limits during shut down. The process id was '6252'.

A worker process '6252' serving application pool 'AppPool' failed to stop a listener channel for protocol 'http' in the allotted time.  The data field contains the error number.
A worker process '7120' serving application pool 'AppPool' failed to stop a listener channel for protocol 'http' in the allotted time.  The data field contains the error number.

Application pool AppPool has been disabled. The request from protocol http to create the application pool failed. Restart the application pool so that Windows Process Activation Service (WAS) can determine the correct state of the protocol. The data field contains the error number.

What is the best practice to allow a User to  log into Sharepoint Sites only through a specific IP Address? For example, the office IP address is 999.999.1.0 . I want to allow users to only  be able to log into SharePoint sites  then there IP address is 999.999.1.0 and not from home.

Thank you.
I have a few websites running on IIS on a windows server and I want to monitor which websites are using the most RAM, processor and most importantly rendering the largest page sizes.

Does anyone use any good software they install on windows that will monitor IIS and give good figures on app performance and load
Learn Ruby Fundamentals
LVL 12
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

Problem with FTP user isolation in IIS 8.  Users logging into server are going into the localuser folder instead of their own folder.
We are only using this IIS server for FTP. I have created local user accounts with passwords on the server and created folders under the Localuser directory with the same name as the local user account. I gave full control permissions to the user account on that folder.
However, when a user logged in, he went in at the localuser level and did not see any of the other directories, including the folder on his own name.  Any help is greatly appreciated.
Windows Server 2012 R2 Standard with IIS8.
I'm migrating 3 sites from Server 2003 iis6 to 2008 r2 iis7.5 using MS deploy 3.5 via the packaging method.

The sites on the source server are located on the E;: yet the destination server only has a C:

Will using the below command work? I have done a whatif and can see the following lines which to me indicates there maybe issues as E: is referenced or is that reference purely to the location of the site on the source?:

If my commands won't work, what do I need to do to make the sites go to C:\inetpub\wwwroot on the destination server?

Package creation: C:\Program Files\IIS\Microsoft Web Deploy V3>msdeploy -verb:sync -source:metakey
=lm/w3svc/[SITEID] -dest:package=e:\temp\[SITEID].zip > e:\temp\WebDeplo

Package Import: C:\Program Files\IIS\Microsoft Web Deploy V3>msdeploy -verb:sync -source:package=c:\temp\[SITEID].zip -dest:metakey=lm/w3svc/[SITEID]  > c:\temp\WebDeploySync.log

Sample entries from log file:
Info: Adding MSDeploy.metaKey (MSDeploy.metaKey).
Info: Adding metaKey (/lm/w3svc/[SITEID]).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerComment).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerAutoStart).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/LogPluginClsid).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/ServerBindings).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/filters).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/root).
Info: Adding child metaKey (/lm/w3svc/[SITEID]/root/Path).
Info: Adding …
Our third-party web developer just changed the website so it now redirects from www.domain.com to  https:\\domain.com without the www. After this change, no one on the LAN can access our website anymore, because “domain.com” points to an internal IP address. Previously everyone could get to the website because www points to the outside public IP address of our website. Now that the www is dropped that no longer works. We can change DNS to a public site ( and can of course then get website access, but then Outlook disconnects from our on premise Exchange server. Please help. We have numerous portable laptops, so the solution needs to work both inside and outside LAN.
Need help with IIS coding.

Trying to use Mix of Forms Authentication & Windows Authentication  (Long Story Short... No Previous IIS experience since Dev Gone...)

<?xml version="1.0" encoding="UTF-8"?>
    Note: As an alternative to hand editing this file you can use the
    web admin tool to configure settings for your application. Use
    the Website->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in
    machine.config.comments usually located in
  <!-- Admin Defined settings -->
    <!-- PasswordChangeEnabled: Provides password change page for users. Value must be "true" or "false" -->
    <add key="PasswordChangeEnabled" value="true" />
    <!-- LocalHelp: Displays local help for users, instead of the web-based help. Value must be "true" or "false" -->
    <add key="LocalHelp" value="false" />

    <!-- ShowDesktops: Displays or hides the Remote Desktops tab. Value must be "true" or "false" -->
    <add key="ShowDesktops" value="true" />

    <!-- DefaultTSGateway: Admin can preset this to a given Gateway name, or set to "" for no gateway. -->
    <add key="DefaultTSGateway" value="mycloud.bethanna.org" />

    <!-- GatewayCredentialsSource: TS Gateway Authentication Type.
         Admins can preset this.
         0 = User Password
         1 = Smartcard
         4 = "Ask me later"

Open in new window

System Center 2016 giving error SyncInvoke--------- Failed with system.invalidoperationexception: TImeout expired. The timeout period elapsed prior to obtaining a connection from the pool. this may have occurred because all pooled connection were in use and max pool size was reached.

This error is happening in many of the method which we didnt make any changes. approx 20-25 of the, may be more.

Normally we can login without issue after app pool reset, however once it gives the above error in the system center even the default page of the webserver shows blank page, then after sometime when we just refresh the default page would be displayed.

This code has been running for more than 2 years and we didnt have any problem , recently we did the deployment and the problem started. The website works for sometime but after say 20 minutes, it starts giving the above timeout issue and sometime even the default page does not show up and then later when we just refresh the default page will display.

Number of users that can cause this is even 15 users , earliernormal traffic is about 300 users at a time, the issue can happen even when 5 users are present.

DB SQL Server : There are around 150-250 sleeping connection most  of the time with the text "Text" only,  it reduces automatically.

The layout is as follows:

Client are redirected through load balancer on any of the following, web server are connected to app directly and APP is connected to SQLDB

External …
I have a silverlight app hosted on windows 7 and IIS, it works fine

I'm trying to move to a different box (windows 10) and its not working
I've run fiddler tool and can see the SVC binary requests are not found (404)
As this is a direct copy of the published code, I assume its setup related
If i run the project through visual studio it works fine, but in IIS does not

Here is an example of the url that isn't found on the new box:
The above gives a 404 in fiddler

The previous request to the XAP file works and does NOT 404

I've tried to duplicate the IIS setup as much as possible, but for some reason it isn't working

My solution consists of 2 projects
MasterUI (silverlight stuff here)
MasterUI.Web (this is the non silverlight app - .aspx files)

The windows 10 box is a fresh install, so perhaps i'm missing some components, but as its working in visual studio on this windows 10 box, I assume it's IIS setup related?

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.