Microsoft IIS Web Server

35K

Solutions

29K

Contributors

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi,

I am trying to add a few URL rewrites, as an example, I have the following in my webconfig:

 
<rewrite>
        <rules>
            <rule name="SpecificRewrite" stopProcessing="true">
                <match url="~/Users/Apples" />
                <action type="Redirect" url="~/Users/Products.aspx?category=apples" redirectType="Permanent" />
            </rule>
        </rules>
    </rewrite>

Open in new window



I am running through VS for testing but just get a page not found (HTTP Error 404.0 - Not Found) when I navigate to http://localhost:56192/Users/Apples

Any help is appreciated.

Regards,
0
Introduction to R
LVL 12
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Just upgraded out TFS install to 2018 and migrated to a new server. Trying to set it up so we only use HTTPS and I am able to login through the web interface and projects listed but when I try to connect through Visual Studio 2017 I get this error:

"TF400324: Team Foundation services are not available for server 'servernamehere'. Technical information (for administrator):
   The underlying connection was closed: Could not establish trust relationship for SSL/TLS secure channel"


In IIS I modified the bindings for the TFS and removed all the default bindings so now I only allow https://servername.domain and assigned a wildcard cert with the domain in it we got off godaddy. I then went into the TFS administration console and under the application tier I set the public URL to the same URL that was in the binding. I then reset the server to make sure everything got updated with the new URL settings.

Even then I was still getting the same message every time I tried to connect using Visual Studio. I know the cert is good and the path does work since I can connect via a web browser but I am not getting enough detail from the error message to help see what Visual Studio is actually trying to connect to generate that error.
0
i have a virtual machine within Azure which serves up a web site.

when i navigate to http://api.website.com it works fine.  i purchased a SSL certificate and it imported into IIS.  i edited the bindings for the cert using the default port of 443.  i added the site's name api.website.com to the bindings.  

when i navigate to https://api.website.com i get a "The connection has timed out" error.

the firewall rules allow 443 (default rule).

what else can i check and/or modify within IIS or the OS?  any help is appreciated.

thanks.
0
Hello,
I searched Experts and found a comment linking to documentation to set up URL rewrite:

Regarding the comment:

https://www.experts-exchange.com/questions/29093041/Server-2016-HTTP-2-HTTPS-redirect.html#a42565398

I'm trying to set a URL rewrite from http to https in IIS 8.5 using the steps outlined in the following article mentioned in the comment above.

https://blogs.technet.microsoft.com/dawiese/2016/06/07/redirect-from-http-to-https-using-the-iis-url-rewrite-module/

My settings are exactly the same, but it's not re-directing to the https, but just times out. Any ideas would be appreciated.

Debra
http.PNG
0
Hello,
I need advice in securing an IIS server and PHP. I'll be uploading some php forms to be accessed through the browser and want to make sure they are secured.

IIS 8.5
PHP 7.0.7

Any help or advice would be appreciated.
Debra
0
I need to set up an IIS site (with PHP already installed) and import some forms to be accessed through the browser. It's been two years since I've used IIS and I have forgotten how to correctly set up a new website. (What port to use, making sure PHP is installed correctly using the PHP Manager, how to import the PHP forms created by one of our faculty members, make sure it is accessible on the web, etc.) Any help will be appreciated.

I don't think I set it up correctly - Hoping it will be accessible through: https://casweb.memphis.edu/msci-forms

Thanks,
Debra
0
Hi Experts ,

I have 2 Exchange servers , both running Exchange 2013 in the same domain.
1st Server is Srv3 which was the first Server setup and running Exchange 2013, the 2nd Server is Srv6 this is the 2nd Server running Exchange 2013.
I want to decommission Srv3 and make Srv6 my main and only exchange server.
I have moved my mailboxes across to Srv6 and have purchased a comodo payed cert and this is also installed on Srv6.
Srv3 has a self signed cert installed.
I am looking for some help on decommissioning Srv3 and making Srv6 my primary and only exchange Server.
if I turn off Srv3. I can access my Mailboxes and I can sent mail as now going trough Srv6, but can't receive mail or get to my e-mail remotely (owa).
if I try and setup the receive connector on Srv6 to be the same as Srv3 but  it won't let me.
Any help or advise would be greatly appreciated
Thank you.
0
Are there any free tools to automate the analysis of an iis server configuration against recongised iis security / general best practice.
0
Hi All

I'm using a Windows Server 2012 R2 Standard with IIS Version 8.5.9600. I'm trying to redirect link A to link B, see below

Link A
ifly.com.au/special

Open in new window


Link B
https://downunder.iflyworld.com/book-now/gifting-step3-special?code=BLOCKS&tunnel=PEN

Open in new window


I created a web.config file under the iFLY.com.au folder, the web.config consists of the below

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
<httpRedirect destination="https://downunder.iflyworld.com/book-now/gifting-step3-special?code=BLOCKS&tunnel=PEN"/>
    </system.webServer>
</configuration>

Open in new window


When I try to access the iFLY.com.au/special I get the
500 - Internal server error.

500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.

Open in new window


Any help is greatly appreciated!
0
Hi Experts,

When browsing through https://www.aces-project.com/, at times its slow.

The hosting company says its not the server, but I'm using the Appointment theme in WordPress with minor adjustments.

I've used the same theme on https://www.atsinlaw.com/ and http://www.southerntime.ca/ with a lot more adjustments, and they are faster.
0
CompTIA Network+
LVL 12
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

I have jQuery/Javascript on my page at:
http://www.domain-a.com/page.html

...and I am trying to do a jQuery $.post to:
https://www.domain-b.com/script.asp

But I get this error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at...

On www.domain-b.com I have the following in web.config (this is an IIS server):

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <httpProtocol>
            <customHeaders>
                <add name="Access-Control-Allow-Origin" value="*" />
            </customHeaders>
        </httpProtocol>
    </system.webServer>
</configuration>

Open in new window


...however, I still get the error. I don't have access to .htaccess or anything else on www.domain-a.com. Is it possible for me to resolve this issue, or is it not possible because I don't have access to the www.domain-a.com server? It isn't clear to me if I need to add Access Control to the server where the web page resides, or the server where the target script resides.

Thank you.
0
Hello,

I am running IIS 10 on Windows Server 2016.  I created a custom 404 error page called 404.asp and placed it in the root folder of the website.  This is my web.config file:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <staticContent>
            <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="14.00:00:00" />
        </staticContent>
        <httpErrors>
            <remove statusCode="404" subStatusCode="-1" />
            <error statusCode="404" prefixLanguageFilePath="" path="/404.asp" responseMode="ExecuteURL" />
        </httpErrors>
    <rewrite>
      <rules>
        <rule name="HTTP to HTTPS redirect" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
          <action type="Redirect" redirectType="Permanent" url="https://{HTTP_HOST}/{R:1}" />
        </rule>
      </rules>
    </rewrite>
    </system.webServer>
</configuration>


I thought that this was the correct way to implement the custom error page but the website just goes to the standard 404 error for IIS.  Any help diagnosing this would be greatly appreciated.  Thank you.
0
Hi Experts,

I'm trying to connect to a Access DB in order to sanitize some data using PHP. I Have already enabled by PHP PDO ODBC driver  (uncomment the extension=php_pdo_odbc.dll line in php.ini) and restarted my IIS.

I get the following code...
Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY000] SQLDriverConnect: 63 [Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key Temporary (volatile) Ace DSN for process 0x14b8 Thread 0x11e4 DBC 0x22f8444 Jet'.' in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php:18 Stack trace: #0 C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php(18): PDO->__construct('odbc:Driver={Mi...') #1 C:\inetpub\wwwroot\DICE-AccessNOC\find-distinct.php(6): Access_DB::getDB() #2 {main} thrown in C:\inetpub\wwwroot\DICE-AccessNOC\includes\access_db.php on line 18

Open in new window


My includes/access_db.php is
<?php

$TBL = "TBL_DICE_Factorial_Analysis";

class Access_DB{
 
    private static $db;
    
    private function __construct() { } //no new objects can be created
    
    public static function getDB() {    
    
        $access_path = "Z:\\Business\\CLIENTS\\DICE Assessment\\Received Files\\NOC_Database_Backup_2_PHPCopy.accdb";
         
        //One connection per browser session
        if (!isset($db)) {
            $dsn = "odbc:Driver={Microsoft Access Driver (*.mdb, *.accdb)}; Dbq=$access_path;";
            self::$db = new PDO($dsn);
        }
        return self::$db;
    }
    
    public function __destruct() {

        self::$db->close();
        
    }
}

function print_variable($var, $label = '', $raw = true){

    echo '<br>=========START=========<br>';
    echo '<b>' . $label . '</b>';

    if ($raw == true) echo '<pre>';

    print_r($var);

    if ($raw == true) echo '</pre>';
    echo '<br>=========END=========<br>';
}
?>

Open in new window


The caller is
<?php
    require_once 'includes/access_db.php';
    
    $query = "SELECT * FROM $TBL ORDER  BY NOC_Code, NOC_Occupation; ";

    $db = Access_DB::getDB();

    $statement = $db->prepare($query);
    $statement->execute();
    $rows = $statement->fetchAll(PDO::FETCH_ASSOC);
    $statement->closeCursor();

    print_variable($rows, 'Fact Analysis');
?>

Open in new window


I have also given full permissions to HKEY_LOCAL_MACHINE\SOFTWARE\ODBC and its children to IIS_IUSRS, but the issue persists.

I'm also posting this under ASP, as I see on Google, this also occurs under ASP.

Any help will be greatly appreciated.
0
Hi folks, how do I get IIS web server up & serving a page quickly. I just need it to serve up a 'restricted content' warning page for my domain users when they try to access YouTube which I have redirected to my internal IIS server using DNS. Unfortunately to do so seems to require a PhD in SSL certificates. Seems way too complicated for the benefits. Can I just disable HTTPS functionality on the IIS server or should I persevere to enable it - I'm guessing this requires the certificate from the IIS server to be installed on all domain machines via group policy?
Currently all machines are able to get through to the IIS server, but not without a 'your connection is not private' warning like the one here - https://goo.gl/images/7y8vB6
Thanks in advance.
0
I have managed to block YouTube.com using DNS entries for the relevant domains. This is because it uses too much bandwidth that we don't have.
Anyway it's just a temporary measure, but I'd like to display a webpage that explains the blockage to users. I've been looking up dns redirects to an internal IIS server that has the page on it, but I though there might be an easier way that one of youay have heard of .... ?

This is how I blocked YouTube if anyone's curious, I followed the method here, except I haven't put in a CNAME alias yet.
https://social.technet.microsoft.com/Forums/en-US/04aaf74a-b43e-4a06-be62-126a5a57cf36/you-tube-dns-config?forum=winserver8setup
0
Hi,

I noticed in the event logs on one of our Exchange 2010 servers that that we were getting an error for Event ID: 17. I checked on google but I haven't really found a solution to the problem not sure if anybody has any ideas. This is a new Exchange 2010 server it's been running for about 2 weeks now. I've included a screenshot

Solution 1

Solution 2
Exchange1.jpg
0
Problem with FTP user isolation in IIS 8.  Users logging into server are going into the localuser folder instead of their own folder.
We are only using this IIS server for FTP. I have created local user accounts with passwords on the server and created folders under the Localuser directory with the same name as the local user account. I gave full control permissions to the user account on that folder.
However, when a user logged in, he went in at the localuser level and did not see any of the other directories, including the folder on his own name.  Any help is greatly appreciated.
Windows Server 2012 R2 Standard with IIS8.
0
Windows Authentication in Chrome does not works as expected from AD/Domain environment.

It works perfect in Firefox after adding the http://app.domain.local to network.automatic-ntlm-auth.trusted-uris

It works also good in Edge and Internet Explorer after adding the URL in Local Intranet - Sites.

I expect it to work in Chrome too. But I am always being promted. Any ideas?

I have tried with or without Negotiate security method for Windows Authentification. I am currently using only NTLM.

Chrome version 69.0.3497.100 64 bit.
IIS 8 and MVC (Webform) (newer version) ASP.Net app
0
First i'm sorry for my english.
My problem is with my SharePoint Website running on MOSS 2007 on a Windows Server 2003 with IIS 6.0 ans ASP Net 2.0.
My website was working very well but after some configuration on ISS console i got this issue.
When i try to access to my website with this URL: http://myserver i got an error Message : Content view is not allowed for this virtual directory.
But when i try with this URL http://mywebsite/default.aspx it's working but my CSS and JS file are not loaded. So i get an aspx page without my customisation.
I tried to give all right to my directory wwwroot to different user like thé ASP user, to ISS user ... Without any result.
The strange thing it's :
- when i try to go to my default site which use ASP Net 1.0 it's working well...
- When i try to read my SharePoint list from ACCESS 2007 or directly from the web by the direct URL it's Works
- but when i try to open my website from SharePoint designer it's impossible.

Thanks on avance for any help.
0
The 7 Worst Nightmares of a Sysadmin
LVL 1
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

Summary
HTTP Error 401.2 - Unauthorized
 You are not authorized to view this page due to invalid authentication headers.

Some new users to my web site cannot log on due to 401.2 and 401.1 errors. Other new users connect without any issue. Users have the DoD CAC smartcard and they are valid for logging into their workstations. All the certificates point to the same root authority, DOD Root 3, but have different intermediate certificates which are DOD CA 38 to DOD CA 51. Users with intermediate certificates numbered 48 or higher get the 401.2 error and cannot log in.

I assume the problem is the more recent intermediate certificates are not installed or configured correctly. I installed the most recent certs from the cert authority using their tool, InstallRoot.exe. MMC confirmed the intermediate certs are in the Certificates (Local Computer) -> Intermediate Certification Authorities -> Certificates.

The server uses the Axway tool to validate certificates. In the Application Event Log for the attempt, it said "Revocation Status: Good" so I assume my OCSP and its cache are set up correctly.

After every 401.2 error is a 401.1 error. The sc-win32-status for the 401.1 error is -1073741715. Is that number significant?  

The detailed configuration description:


I am using IIS 7.5 on Windows Server 2008 R2. I set up the web server and the web site to require a smartcard to open the web site. To that end I set up iisClientCertificateMappingAuthentication …
0
What are the steps necessary to determine if a certificate is 128 bit or 256 bit?
0
What are the steps required to change an IIS hosted website from HTTP to HTTPS?
0
Hello

I'm having an issue with setting up an IIS FTP server (on a 2008R2 box). I have succeeded in setting up the server, users, publish the directory, setup NAT on the firewall. Things are looking pretty much ok but I am struggling at this point:

 220 Microsoft FTP Service
AUTH TLS
234 AUTH command ok. Expecting TLS Negotiation.
USER username
331 Password required for username.
PASS *****************
230 User logged in.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
FEAT
211-Extended features supported:
 LANG EN*
 UTF8
 AUTH TLS;TLS-C;SSL;TLS-P;
 PBSZ
 PROT C;P;
 CCC
 HOST
 SIZE
 MDTM
 REST STREAM
211 END
OPTS UTF8 ON
200 OPTS UTF8 command successful - UTF8 encoding now ON.
SYST
215 Windows_NT
PWD
257 "/" is current directory.
CWD /
250 CWD command successful.
TYPE A
200 Type set to A.
PORT 172,16,101,102,208,219
501 Server cannot accept argument.
CWD /
250 CWD command successful.
TYPE A
200 Type set to A.
PORT 172,16,101,102,208,222
501 Server cannot accept argument.

Open in new window


I guess this is somehow linked to passive FTP mode but
  • it happens even if I explicitly request active mode only
  • I have defined the passive ports in the "FTP firewall support" tab and NAT-ed them to the correct internal IP
  • this works fine if connecting locally (localhost) but not from LAN no WAN

I'm sure it is a "classic" one (seeing lots of post googling this) but can't really figure it out.

Any advice most appreciated
1
Hi guys

How do you give someone the private key for the SSL certificate but un-encrypted? I don't get what they are saying.

I've got a Windows 2008 R2 web server that I created the CSR onto. Then I got the certificate from the provider and have applied the certificate to this to complete the request.

My colleague needs the private key. I exported it as a .PFX file, but when you do that, it is password protected. He needs it un-encrypted.

Do you use the MMC console to do this and then export it as a .CER file? Will that be correct?

Cheers
Yashy
0
Exchange 2003 Activesync and OWA stop working after 1-2 days and server needs to be rebooted.  Email is working fine other than ActiveSync and OWA.  Browsing to OWA shows RESET error on the browser or site not available.

IISRESET does not solve the issue nor does starting/stopping all Exchange services.  Only a full reboot solves the issue. Thoughts ?
0

Microsoft IIS Web Server

35K

Solutions

29K

Contributors

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.