[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have jQuery/Javascript on my page at:

...and I am trying to do a jQuery $.post to:

But I get this error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at...

On www.domain-b.com I have the following in web.config (this is an IIS server):

<?xml version="1.0" encoding="UTF-8"?>
                <add name="Access-Control-Allow-Origin" value="*" />

Open in new window

...however, I still get the error. I don't have access to .htaccess or anything else on www.domain-a.com. Is it possible for me to resolve this issue, or is it not possible because I don't have access to the www.domain-a.com server? It isn't clear to me if I need to add Access Control to the server where the web page resides, or the server where the target script resides.

Thank you.
Rowby Goren Makes an Impact on Screen and Online
LVL 12
Rowby Goren Makes an Impact on Screen and Online

Learn about longtime user Rowby Goren and his great contributions to the site. We explore his method for posing questions that are likely to yield a solution, and take a look at how his career transformed from a Hollywood writer to a website entrepreneur.


I am running IIS 10 on Windows Server 2016.  I created a custom 404 error page called 404.asp and placed it in the root folder of the website.  This is my web.config file:

<?xml version="1.0" encoding="UTF-8"?>
            <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="14.00:00:00" />
            <remove statusCode="404" subStatusCode="-1" />
            <error statusCode="404" prefixLanguageFilePath="" path="/404.asp" responseMode="ExecuteURL" />
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />

I thought that this was the correct way to implement the custom error page but the website just goes to the standard 404 error for IIS.  Any help diagnosing this would be greatly appreciated.  Thank you.
Hi Experts,

I'm trying to connect to a Access DB in order to sanitize some data using PHP. I Have already enabled by PHP PDO ODBC driver  (uncomment the extension=php_pdo_odbc.dll line in php.ini) and restarted my IIS.

I get the following code...
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] SQLDriverConnect: 63 [Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key Temporary (volatile) Ace DSN for process 0x14b8 Thread 0x11e4 DBC 0x22f8444 Jet'.' in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php:18 Stack trace: #0 C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php(18): PDO->__construct('odbc:Driver={Mi...') #1 C:\inetpub\wwwroot\DICE-AccessNOC\find-distinct.php(6): Access_DB::getDB() #2 {main} thrown in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php on line 18

Open in new window

My includes/access_db.php is

$TBL = "TBL_DICE_Factorial_Analysis";

class Access_DB{
    private static $db;
    private function __construct() { } //no new objects can be created
    public static function getDB() {    
        $access_path = "Z:\\Business\\CLIENTS\\DICE Assessment\\Received Files\\NOC_Database_Backup_2_PHPCopy.accdb";
        //One connection per browser session
        if (!isset($db)) {
            $dsn = "odbc:Driver={Microsoft Access Driver (*.mdb, *.accdb)}; Dbq=$access_path;";
            self::$db = new PDO($dsn);
        return self::$db;
    public function __destruct() {


function print_variable($var, $label = '', $raw = true){

    echo '<br>=========START=========<br>';
    echo '<b>' . $label . '</b>';

    if ($raw == true) echo '<pre>';


    if ($raw == true) echo '</pre>';
    echo '<br>=========END=========<br>';

Open in new window

The caller is
    require_once 'includes/access_db.php';
    $query = "SELECT * FROM $TBL ORDER  BY NOC_Code, NOC_Occupation; ";

    $db = Access_DB::getDB();

    $statement = $db->prepare($query);
    $rows = $statement->fetchAll(PDO::FETCH_ASSOC);

    print_variable($rows, 'Fact Analysis');

Open in new window

I have also given full permissions to HKEY_LOCAL_MACHINE\SOFTWARE\ODBC and its children to IIS_IUSRS, but the issue persists.

I'm also posting this under ASP, as I see on Google, this also occurs under ASP.

Any help will be greatly appreciated.
I have managed to block YouTube.com using DNS entries for the relevant domains. This is because it uses too much bandwidth that we don't have.
Anyway it's just a temporary measure, but I'd like to display a webpage that explains the blockage to users. I've been looking up dns redirects to an internal IIS server that has the page on it, but I though there might be an easier way that one of youay have heard of .... ?

This is how I blocked YouTube if anyone's curious, I followed the method here, except I haven't put in a CNAME alias yet.

I noticed in the event logs on one of our Exchange 2010 servers that that we were getting an error for Event ID: 17. I checked on google but I haven't really found a solution to the problem not sure if anybody has any ideas. This is a new Exchange 2010 server it's been running for about 2 weeks now. I've included a screenshot

Solution 1

Solution 2
Windows Authentication in Chrome does not works as expected from AD/Domain environment.

It works perfect in Firefox after adding the http://app.domain.local to network.automatic-ntlm-auth.trusted-uris

It works also good in Edge and Internet Explorer after adding the URL in Local Intranet - Sites.

I expect it to work in Chrome too. But I am always being promted. Any ideas?

I have tried with or without Negotiate security method for Windows Authentification. I am currently using only NTLM.

Chrome version 69.0.3497.100 64 bit.
IIS 8 and MVC (Webform) (newer version) ASP.Net app
First i'm sorry for my english.
My problem is with my SharePoint Website running on MOSS 2007 on a Windows Server 2003 with IIS 6.0 ans ASP Net 2.0.
My website was working very well but after some configuration on ISS console i got this issue.
When i try to access to my website with this URL: http://myserver i got an error Message : Content view is not allowed for this virtual directory.
But when i try with this URL http://mywebsite/default.aspx it's working but my CSS and JS file are not loaded. So i get an aspx page without my customisation.
I tried to give all right to my directory wwwroot to different user like thé ASP user, to ISS user ... Without any result.
The strange thing it's :
- when i try to go to my default site which use ASP Net 1.0 it's working well...
- When i try to read my SharePoint list from ACCESS 2007 or directly from the web by the direct URL it's Works
- but when i try to open my website from SharePoint designer it's impossible.

Thanks on avance for any help.
HTTP Error 401.2 - Unauthorized
 You are not authorized to view this page due to invalid authentication headers.

Some new users to my web site cannot log on due to 401.2 and 401.1 errors. Other new users connect without any issue. Users have the DoD CAC smartcard and they are valid for logging into their workstations. All the certificates point to the same root authority, DOD Root 3, but have different intermediate certificates which are DOD CA 38 to DOD CA 51. Users with intermediate certificates numbered 48 or higher get the 401.2 error and cannot log in.

I assume the problem is the more recent intermediate certificates are not installed or configured correctly. I installed the most recent certs from the cert authority using their tool, InstallRoot.exe. MMC confirmed the intermediate certs are in the Certificates (Local Computer) -> Intermediate Certification Authorities -> Certificates.

The server uses the Axway tool to validate certificates. In the Application Event Log for the attempt, it said "Revocation Status: Good" so I assume my OCSP and its cache are set up correctly.

After every 401.2 error is a 401.1 error. The sc-win32-status for the 401.1 error is -1073741715. Is that number significant?  

The detailed configuration description:

I am using IIS 7.5 on Windows Server 2008 R2. I set up the web server and the web site to require a smartcard to open the web site. To that end I set up iisClientCertificateMappingAuthentication …
What are the steps necessary to determine if a certificate is 128 bit or 256 bit?
What are the steps required to change an IIS hosted website from HTTP to HTTPS?
IT Pros Agree: AI and Machine Learning Key
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.


I'm having an issue with setting up an IIS FTP server (on a 2008R2 box). I have succeeded in setting up the server, users, publish the directory, setup NAT on the firewall. Things are looking pretty much ok but I am struggling at this point:

 220 Microsoft FTP Service
234 AUTH command ok. Expecting TLS Negotiation.
USER username
331 Password required for username.
PASS *****************
230 User logged in.
200 PBSZ command successful.
200 PROT command successful.
211-Extended features supported:
211 END
200 OPTS UTF8 command successful - UTF8 encoding now ON.
215 Windows_NT
257 "/" is current directory.
250 CWD command successful.
200 Type set to A.
PORT 172,16,101,102,208,219
501 Server cannot accept argument.
250 CWD command successful.
200 Type set to A.
PORT 172,16,101,102,208,222
501 Server cannot accept argument.

Open in new window

I guess this is somehow linked to passive FTP mode but
  • it happens even if I explicitly request active mode only
  • I have defined the passive ports in the "FTP firewall support" tab and NAT-ed them to the correct internal IP
  • this works fine if connecting locally (localhost) but not from LAN no WAN

I'm sure it is a "classic" one (seeing lots of post googling this) but can't really figure it out.

Any advice most appreciated
Hi guys

How do you give someone the private key for the SSL certificate but un-encrypted? I don't get what they are saying.

I've got a Windows 2008 R2 web server that I created the CSR onto. Then I got the certificate from the provider and have applied the certificate to this to complete the request.

My colleague needs the private key. I exported it as a .PFX file, but when you do that, it is password protected. He needs it un-encrypted.

Do you use the MMC console to do this and then export it as a .CER file? Will that be correct?

Exchange 2003 Activesync and OWA stop working after 1-2 days and server needs to be rebooted.  Email is working fine other than ActiveSync and OWA.  Browsing to OWA shows RESET error on the browser or site not available.

IISRESET does not solve the issue nor does starting/stopping all Exchange services.  Only a full reboot solves the issue. Thoughts ?
when you use a 3rd party to host your website, where does the responsibility typically split in terms of the technology stack on who has to apply patches to all the relevant components of the web stack? e.g. do they typically patch your CMS and any underlying databases, or only lower levels of the stack?
Hi guys

I am going to be buying a multi-EV domain SSL certificate. This domain will have quite a few sub-domains. When i want to create the certificate request on the server, in the common name section, do I just put in the domain name only? So would I put 'contoso.com'? And not '*.contoso.com'. I assume i would only put an asterisk if it was going to be a wildcard ssl right?

Thanks for helping
We are planning on adding a new primary authoritative domain in Exchange 2010.  Most of the mail clients are using Outlook 2016(connected both internal and external)(we also have Active sync devices, Apple, androids etc.. and a few OWA users).  We would like to make the existing Primary SMTP address an alias address.  First steps would be to add the new UC certificate with the names(for autodiscover.domain as well), add the accepted domain and modify the default email policy(Virtual Directories can stay the same since we are not changing the OWA URL).  

The concern is for Outlook users, will internal users existing mail profile update on its own?  And for Outlook Anywhere and activesync users, do the profiles all have to be manually recreated?  If so, we would need to plan for extra staff accordingly when we go live, so I am trying to roughly determine how many users are configured to use Outlook Anywhere, nothing exact, just a rough estimate.  I checked in the IIS logs but cant really confirm which log entries are Outlook Anywhere. Is there a specific string to search for in the IIS logs?

Windows server 2012 IIS 7 PHP convert doc/docx to PDF.  

I can successfully use OfficeToPDF from the command line as expected but when I try to get it to work with php through exec, no luck.

I have tried changing the DOM permissions as outlined here => http://www.bloing.net/2011/01/how-to-make-iis7-play-nice-with-office-interop/

When the script runs I can see Word open in task manager but the script will just hang until I kill the word process.
Hello, All;

Active Server Pages error 'ASP 0126'
Include file not found
/cs/Header.asp, line 3
The include file '../Imported_Data/ACN.asp' was not found.

Code Line
<!--#include virtual="../Imported_Data/ACN.asp"-->

Open in new window

OK. I have been using this for years, and it still works on my Win2016 Server.
However, running it on my development system, of which is a Win10 Pro.
No longer works.
Enable Parent Paths
Is Enabled in IIS, for the Default Web Site, and all sub sites.

WHAT in the heck did Microsoft do, in the last update to break this?

The actual path of the files is stores in

I reference this location with all my sites.
And have NEVER had an issue, until the most recent Windows 10 update, and now it is broken.
At least on my Win10 system.
As stated, it all still works under my Win2016 servers.

Any idea on what can be done in order to get this back working again?
I would really hate to re-code all sites, just because of this one stupid issue.

Hi All,

I have an odd problem which I just can't see to figure out for the life of me! I'll give the scenario below:

  • Exchange 2013 Server OWA doesn't work using the FQDN of mail.server.com unless done from the exchange server itself.
  • Browsing to the IP loads the OWA page
  • DNS all resolves to the correct IP address and NS lookup also works correctly.
  • Works perfectly fine externally

If everything wasn't resolving as expected I'd definitely blame DNS but due to the odd nature of all the records resolving as expected I'm not too sure.

Any help would be appreciated.

Kind Regards,
The 7 Worst Nightmares of a Sysadmin
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

error logSuddenly my Silverlight application not accessing using host name. it works well with ip address. all setting are up to date and also ping are show for server name. please find attached screen shot. clientaccesspolicy.xml and cross-domain.xml are also added but it not work with computer name.

In some pc this work with pc name also.

Please suggest any solution.
Citrix Standalone Storefront Server. This is the IIS server. Created Citrix URL. i.e Website
Now the website has created with default FQDN of the server Hostname. Which is very lengthy. It is not a user-friendly URL.
So I would like to change the URL with a user-friendly name. Like https://myvdi.domainname.com.
First I have created DNS record (Canonical name) and SSL Certificate to myvdi.domainname.com
Bind the SSL certificate in IIS.
But I couldn’t able to resolve the myvdi.domainname.com URL.
Do I need to do any configurations in IIS? Please suggest.
I have an IIS server (Windows Server 2012 R2) that has a Default Web Site with an application underneath it. I can browse and use that application fine while on the local network or any local VLAN. When I try to access the application from outside the firewall I get a 404 - File or directory not found error. Obviously I am able to reach the server and website through the firewall or I wouldn't be getting this error. I would get a blank response from the site not reachable. I've proven this by disabling the firewall rule that allows access. It seems as though there must be some kind of permissions or authentication issue preventing access to the application but I don't know what it would be.

I also tried setting up a subdirectory of this site with the default iisstart.htm and iis-85.png files that Microsoft provides. I cannot browse this subfolder either. Same 404 error.

Please help. Thanks in advance. Brian
I noticed most web site hosts offer a 'cpanel' to the website owners/customers, which seems to be different to the CMS for editing pages. As a novice in this area, what exactly does the cpanel allow the website owner to do? Or put another way, we want assurance only the correct people have access to the cpanel for our website, so to quantify the risk, what could a malicious or unqualified person do to our site if they had access to the cpanel.
Dear Experts

Microsoft AD FS server installed and configured post installation this required to install the SSL certificate and complete the configuration , please help to understand if to change the certificate which is already configured for ADFS to new certificate where all the configuration changes to made, I mean how to re-configure adfs OR assign the new SSL certificate to the ADFS sever, can you please list the changes to be done and where all the changes and what all to be done please.
Dear Experts

while i am deploying the ad fs server installed and configured ssl certificate successfully but some how I misplaced the noted password for .pfx file  I have access to the server from where the CSR file is generated and later on the same server imported certificate through digicert utility but now I am in trouble lost the password for .pfx file and I require this so that same certificate to be installed on other ADFS server in the farm. please help me it is of wildcard certificate on how to recover the password I have access the orginal server from where the CSR is generated . please help

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.