Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

When accessing OWA on Exchange 2013. We can enter our credentials, it accepts them. but we end up at a 404 can't find page - The page you're looking for couldn't be found on the server.

X-FEServer: ServerName
Date: todays date.

I can then click refresh the page and it loads owa just fine. Can anyone tell me why each mailbox gets a 404 error page first when signing in?

Thank you
CompTIA Cloud+
LVL 13
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

When users visit a website hosted on a virtual server at a client site, they are getting a Error and have to refresh the page. 2019-10-10_13h25_26.png
If I select the URL in the toolbar, and hit enter, the page refreshes and it comes up. but then I click on a menu option and it will then time out with the same error unless I hit the uRL and press enter to refresh the page. I have to do this every time I move from one link to another.

The server the site is on is Server 2016.
IIS is where the site is hosted.

I don't see any security updates with Microsoft that could be causing this block. The support entity told me to uninstall a specific security patch that isn't installed. So not sure where to go.
Hello Experts,

I try to redirect an URL : to an IP : with IIS.

I tried many ways: redirect url, URL rewrite...

There is no problem for http but I don't find the correct configuration to put a certificate on this site.
I just want a https://URL -> IP

The only thing I get is : 502 - Web server received an invalid response while acting as a gateway or proxy server.
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.

Should I create a reverse proxy?
I have an internal sharepoint website (this site is internal only - NOT available from the web) that has been recreated in O365. I recently configured http redirect in IIS to simply point traffic for that internal server - to be redirected to

I now want to get rid of that server. I need to use internal AD DNS to:

1. Ensure any internal traffic to URL https://central.CompanyName.local (old internal site) will still be pointed to (for anyone that's still using the old URL to access the new O365 site).

2. Ensure any internal traffic to the new URL is directed to that O365 site.

How can i configure DNS to do this?
I'm experiencing issues importing a newly purchased SSL certificate on my app server. I've already imported the intermediate certificate to my local intermediate cert authority store. I'm performing the following:

Access server certificate list => complete certificate request => browse to crt file => input a friendly name => choosing personal (as opposed to web hosting) for store location => ok
Navigate to website => edit bindings => the certificate I just added is not listed in dropdown of available SSL certs
Navigate back to server certs => the certificate that I added is no longer there

Open mmc => certificate => local computer => personal store => I’m able to view the certificate in question there
are log files stored within .\inetpub\logs\ some default logs captured on servers running IIS, and do these logs have a specific name? Is there any specific configuration within IIS that governs how long these log files will be maintained for? The reason I ask is we have identified from some data discovery work that they actually capture personal information, and we were wondering quite exactly what IIS is configured to capture, and what policies & controls you would need to have around IIS log files which capture personal information  if you have a similar situation with any of your apps/sites.
We have a public facing web site from which users query data pulled from our Oracle database.   It uses IIS v8.5 (pretty sure).    I'm the Oracle DBA who notices that on a weekly basis, the temp tablespace fills up because of what I believe are robots sucking data out.   This goes on for a few hours then quits.

Using a Log Parser, I see the pattern is:
* No cs(referer) information
* It is pulling directly from the PrintDatalet.aspx
* It's using several different IP addresses that are registered in various countries including U.S. but through this leasing company LEASEWEB-NL-MNT
* The pattern is that from each IP address (there are many) it increments the number of connections before moving on to the next IP in the range.

Some may be legitimate and so I don't think I should completely block IP ranges.  Plus I imagine the IP range will change for these annoying users.

I see in IIS there's a way to restrict the number of concurrent requests and I thought I'd like to experiment with this.  

I'm very embryonic with IIS and would require some handholding if any suggestions are made.  

Is there a way to throttle the requests based on the following?

1. Null value for cs(referer)
2. The "PrintDatalet.aspx" value for (cs-uri-stem)

Thank you.
Hi Guys
is there a way to block access to a single web page by IP?
 how is this done in iis 7.5 or above?
Solution needs to work in  Classic ASP!
How secure is your solution?
Server OS: Windows Server 2019 Standard

I have IIS installed on my server and I took all of the defaults.  The server is not really configured, other than 2 ColdFusion IIS virtual directories.  

I basically want to move the inetpub folder from:
C:\inetpub -to-

Can someone help with a step by step guide to accomplish this?
Thank you.
I need to give administrator permissions to a user on a server with IIS for all the sites that are on it. How can I do it?
OWASP Proactive Controls
LVL 13
OWASP Proactive Controls

Learn the most important control and control categories that every architect and developer should include in their projects.


Currently I have a Exchange 2007/2013 co-existence setup and i'm currently not able to login to my Exchange 2013 OWA.

When trying to access from the internal - Credentials are entered, the screen flashes and does not allow the login.

When trying to access from the outside, credentials are entered, it acts like it wants to accept them, screen flashes and does not allow the login.

As i'm getting ready to move mailboxes from 2007 to 2013 so I'm really not concerned about the redirection working from 2013 to 2007. I'm thinking this issue has something to do with how the authentication is setup on Exchange 2013. Currently is is set to "use one of more standard authentication methods" and non of the check boxes below that are selected.
When I try to run a web application in Visual Studio 2019 I get the following error.  How do I fix this once and for all?

Unable to connect to the configured development Web server.

Output from IIS Express:
Failed to register URL "http://localhost:1789/
Error description:  The process cannot access the file because it is being used by another process. (0x80070020)

Is there an alternative to using IIS Express?
We have a vendor installed site on a local server in IIS.  They said the site only works in Chrome.  The site allows tickets to be printed by clicking a button called "PDF" which then generates and downloads a PDF.  For some tickets it works and others get "Failed - Network error".  It's not random, the same ticket either works every time or doesn't.  We can download those same tickets that don't work in Chrome, in Edge and Firefox without issue.  But Edge and Firefox have other view issues so we can't just switch to them.  Everything else within this site works fine in Chrome.  We've already tested disabling AV, UTM services, etc.  Those had no affect.  I'm thinking this issue lies in IIS or the code of the site.
IIS application error: could not connect to the specified computer. details: error creating the web proxy specified in the '' configuration section.
Admin's are able to connect the app but not users.
Please suggest.

I have the following error in IIS for Master Data Services instances:

HTTP Error 500.19 - Internal Server Error

The requested page cannot be accessed because the related configuration data for the page is invalid.

Detailed Error Information:

   IIS Web Core


   Not yet determined

Error Code

Config Error
   Only one <configSections> element allowed. It must be the first child element of the root <configuration> element  

Config File
   \\?\C:\Program Files\Microsoft SQL Server\130\Master Data Services\WebApplication\web.config

Requested URL

Physical Path
   C:\Program Files\Microsoft SQL Server\130\Master Data Services\WebApplication

Logon Method
   Not yet determined

Logon User
   Not yet determined

Config Source:
    7:   <configSections>
    8:     <section name="masterDataServices" type="Microsoft.MasterDataServices.Core.Configuration.MdsConfigurationSectionGroup, Microsoft.MasterDataServices.Core, Version=, Culture=neutral, PublicKeyToken=89845dcd8080cc91" requirePermission="false" allowDefinition="Everywhere"/>

Any ideas how I would go about troubleshooting this.

Any assistance is appreciated

Thank you. .
I am getting the following error,
"There was an error while performing this operation. Details: Invalid application path"
when I click "Test Settings" on the "Basic Settings" in an IIS Web Site's application's Actions section. The Web Site itself doesn't get that error.
This is a Windows 2008 r2 server Version 6.1, Build 7601: Service Pack 1.
It is running IIS 7.5.7600.16385 (Yes, I know. But I have no choice.)

There was an application called SSI running a website called SSL that a vendor had setup on one of our servers. My company purchased the application and for reasons to lengthy, we have to setup the SSI application under a different Web Site.

I setup the new web site, EndCourseSurvey. (I'm a developer, not a server admin.)
  • The site bindings are https with IP addresses All Unassigned on Port 443.
  • The Host name field is disabled.
  • The SSL certificate is DigiCert SHA2 Extended Validation. It has a yellow warning next to Key Usage and Basic Constraints. (I don't know what that means but all our certificates seem to have that.)
  • Key Usage: Digital Signature, Key Encipherment (a0)
  • Basic Constraints: Subject Type=End Entity, Path Length Constraint=None

Under Basic Settings, the web site connects as the Application user with pass-through authentication.
When I click on Test Connection for the web site (not the application), the authentication passes with a green check. The …
We have one server using SSL that purchased on GoDaddy and our domain is
Now, we have another server hosting on AWS, and it is still We just use it as fail over purpose.
for example, if our main office's power is off, we will switch's ip to AWS on DNS make easy.

My question is: I want to install SSL on AWS IIS. Where should I get SSL? On or I can extract from office's IIS?

I am running Server 2012 datacenter, IIS 8. says that I have SSL 3.0 enabled on the server and i do not believe i do. I have used IIS Crypto to disable it. I also followed and verified registry. I rebooted as well.

Any thoughts?
I am trying to set up a VPS but this came with no configuration at all, i am trying to set up the iis at the moment and i am struggling

its on a windows 2019 datacenter server, with IIS 10

the error i am getting is "can not verify access to path " (microsoft say this is just a warning and will be fine at run time)

however it will not process  server side includes as it cant find the folder, unless i put in the full path in the Include tag, this isnt an option as it would mean to much editing of the code for each instance

<!-- #INCLUDE virtual="/cmms/common/db_obj.asp" -->  Doesnt work

<!-- #INCLUDE virtual="harbourside/cmms/common/db_obj.asp" --> does work

server side include is configured in iis , and set to true in the asp module

I have spent days trying to figure this out, i cant find much help on iis 10 in google
JavaScript Best Practices
LVL 13
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

Tried to install ColdFusion 11 on Server 2016.  The installer finished sucessfully, but when trying to open the CFadmin page, I get error 404.   Looking in IIS manager, it doesn't look like the installer created the default website like it usually does...what do I do?
I  am running my site on IIS 6.  Have installed SSL and when I call it on https I get the following error.

Tried clearing the cookies on browser but no luck.
I have a site which is sitting on an IIS 6 server.

I have setup SSL on IIS server.

The normal http call brings up the site. e.g. (

However, I get "403 - Forbidden: Access is denied." when I try to load the site through https. e.g. (

I have searched everywhere and have already tried the following,

Unticked the "Require SSL" and selected the Ignore option as the Client Certificate.
Hi Guys
I am running an eCommerce website using Microsoft  platform
My website is hosted on a  VPS  ( Plesk )
i am using  Classic Asp
I lam looking to  prevent  remote access to a  website folder  ( My  Image folder)
What are my alternatives?
Any help is appreciated
On my Fax Server , I want to configure the size limit for the faxes  , SMTP Server role is installed , but in IIS Manager i can not find the SMTP Virtual Server website .
I have windows server 2016 Can anyone help.
We have an app running on IIS 8.5 which are KPI dashboards running SQL queries and displaying the results in a browser. We have an issue where the dashboards in general begin to slow down and eventually become useless. We have tested the SQL queries used in the dashboards directly against Oracle and they run fine with no delay. The only fix so far we have found is to run IISRESET. Once we run IISRESET, it begins to work again. We also test the same queries within our ERP system(Oracle backend) which the dashboards feed off from different PC's and they run fine. The issue is with IIS or the app itself. if it was the SQL query being too heavy, you would see a slow response time when ran directly in Oracle. we have gone through and set IIS to vendor and Microsoft recommendations including using recycling.

Aside from defects in the code of the app, Is there anything we are missing in IIS that may be causing the issue?

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.