Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

I need to redirect a website within IIS instead of using a DNS change.  What is the best way to do this?
Will your db performance match your db growth?
Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

is there an easy way in IIS to identify the local web root folder (e.g. c:\,.,) for each site/application?
I'm running a WSUS on Server 2012 R2. Just about everyday, I get the following result when I access the MMC (See screen shot below-name of the server has been changed for this issue)
I can usually reset it by a simple batch file that stops and restarts ISS, and have even created a task that does this, but that din't work. I smartened up and copied the error statement to the clipboard. Here's the content of that error:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The request failed with HTTP status 503: Service Unavailable.


Stack Trace:
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServerConfiguration.Load()
   at Microsoft.UpdateServices.Internal.ClassFactory.CreateWellKnownType(Type type, Object[] args)
   at …
I have a problem, I have a website that for some reason, If I don't don't type the www, it doesn't work.

For example,
if I go to  it works fine
If I go to it doesn't work

What could be the problem?
We want to do an audit of some web servers (all of which run IIS) to ensure no sensitive information is vulnerable to unauthorised disclosure. I have read some articles claiming often web admins leave backup copies of sites in an area of the web server which may be accessible. And also have read that web.config files can often contain credentials.

Are there any other common types of security sensitive files which may be accessible on a web server from your experience? And also – is there a way to limit which areas of a web server you review/run keyword searches on from the backend OS.  Would it just be anything within 'wwwroot' per site? Or is that quite a simplistic view? And is there a default location for wwwroot per site, or an easy way to identify where the wwwroot per site resides from within IIS?
My FTP server is running on windows 2012 .Now i got error "FTP does not encrypt or encode passwords or data before sending them to the server. To protect the security of your passwords and data, use Web Folders (WebDAV) instead."

I would like to know if someone has already played with the Microsoft WebDAV (MiniRedir) Client (service "Webclient") registry settings ?

I would like to change the cache control behavior to No Cache.

The cache on Windows Server is currently stored in the following directory: C:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV

Good morning all!  I've got a weird situation on a local webserver that we run in the office.  We have an intranet web site that we use for office admin etc.  Also as part of the same project we have a webservice that is interacted with by a scheduling/time clock application (Windows Forms Application).  We've used this same solution for a few years between 2 offices (connected with a VPN) with no issues.  We have now had to separate the applications into 2 separate instances (1/office).  I got IIS running in the other office and the website is running aok.  The issue is that the time clock application is has lost its connection to the webservice first thing in the morning.  It is scheduled to close after hours each evening so it needs to be run in the morning.  In the morning once it has been run it doesn't have a connection to the service for about 20 minutes (estimate from what I've been told) and then connects properly and runs fine for the rest of the day.  The time clock program polls the service every few seconds.  The odd thing to me is that when the time clock can't access the webservice the web site is accessible on the same PC.  This seems to take a routing issue off the table though maybe I'm missing something...? We have a local DNS server that has an "A" and "PRT" record to the web server IP.  The web site is running on the DNS server.  We also run a scheduled task that purges the DNS records every 5 minutes.  We started doing this years ago as one external …
Local iis7 settings disappear. Like mime types, error pages. I can't figure it out how that can happen.
Settings to the default site are kept.
Does anyone have an idea?
Hello Experts,

Does any one know why I keep getting a  HTTP Error when uploading a .mp4 file?

The file is smaller than my max_upload.

Thank you.
Migrating Your Company's PCs
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

I deployed my C# MVC ASP .Net website with a deploy package, edited the web config with the correct appsettings and connection strings, then all o the sudden I am getting this after running iisreset and browsing to the site eternally:

401 - Unauthorized: Access is denied due to invalid credentials.

Don't know what has changed, it used to work before.
If I browse to the site locally on the server using https://localhost, then all works fine. If I use the external domain address and thereby enter via the public IP of the server, I get the error shown above displayed in the browser. This happens using the external domain address of the website both locally on the server itself and remotely from some other location.
Had a Windows Server 2008 crash, had to reinstall OS.
We're trying to get a basic website that was on the server back up & running. Reinstalled IIS7, created website w\same name as previous. Pointed to previous data directory. Web browsers can get to default.html at the root of the directory, but once we go into subdirectories, are getting "404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable."
The directories and files exist; wondering if it's a permissions issue?
We've tried granting ServerName$ permissions on the subfolders, but still getting 404 error.
we are reviewing share permissions for a security audit and noticed on an IIS server, the folder c:\inetpub is accessible with read only rights to domain users. Knowing IIS as you do, could this default IIS folder contain any security sensitive information that should not be openly accessible, or is it pretty anonymous data that poses no real risk.
Have a 2012 remote desktop server for GP deployment, we are using a wildcard cert from GoDaddy, everything was fine until last week our Network engineer rekeyed it with godaddy, Anytime someone would go to GP Web services they would get a certificate revoked error, downloaded the new cert and rebinded in IIS, this fixed that issue, today the issue is anytime the connect via RDP they are getting the same error that the cert has been revoked.  I've gone into the RD gateway manager and reimported the right cert, rebooted and then tested, same error. I check the cert and it looks like the old one still, is there another place i need to put this cert?
We have to access Exchange control panel 2016 internally and externally. For security reason I would like to stop ecp for external access so what will be the best way to stop...

Virtual directory

One of our 2012R2 IIS web servers starting having a weird issue with port exhaustion resulting in an error 'Tcpip 4231'.  All of the outgoing ports are in use.  This was a brand new server, not serving any pages, but we monitor the availability.  We assumed it was related to a Windows update and began looking in to the issue; but then another server which hasn't had updates since April 2017 started having the same issue.

When I ran netstat, lo and behold every port in the range was in use by IIS.  It looks like there were ~120 inbound connections but the full port range was in use.  I was able to work around it temporarily by extending the range from 10000 - 65535 but this is a temporary fix.

So far as I can tell, no Windows 2008R2 IIS servers have become problematic.  

I'll post more info as I have more detail, but if anyone has run across this before it would be helpful.

Thanks in advance!
I am trying to create pdf file in temp folder programmatically.

 I am getting Access Denied to temp folder in IIS while generating pdf  using background service.

But when i generate file inside the temp folder by web app then it allows file creation.

The temp folder has Read , Write permissions and background service is running as administrator.  

Plz suggest.
Hi, i'm really desperate, facing a problem that is obsessing me.
I'm managing a legacy web-application entirely wrote in classic asp 3.0, connected to a mysql database.
I'm experiencing hangs, like, someone sometimes go on a page and it takes FOREVER to reply, without any apparent reason. If i later try to launch that same page, it loads without problems, so it's NOTHING related to code cause it's not repeatable at all.
In this attached screen took at Worker Process monitor on IIS u can see quite the example situation.
At this point, to start, would be enough for me to tell IIS "PLease, if a process takes more than 2 minutes, TERMINATE IT!". Using "Idle time-out" from application pool settings seems to not work (it's set to 1 minutes and you can see here there are process waiting forever).
Server.scriptTimeout doesn't work either (it's set to 3 minutes).
These process get terminated only when i recycle the appPool, but i can't recycle it cause it will disconnect all users that are current logged in.
Another thing that i noticed, is that if a user start a long-time operation (for example an inventory), he cannot interrupt it till it ends, in few words even if i rethink about it and wanna do other things, he have to wait that page to reply before he can open another page on the same domain with the same browser.
I have tons of things to say but at least this is a starting point. Anybody can point me to the right direction to face this problem?
Just installed Exchange 2013 and when i try to browse to https://localhost/ecp?ExchClientVer=15 nothing happens. It just hangs.

Free learning courses: Active Directory Deep Dive
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Failed to install web server service IIS windows authentication & ASP due to error "Attempt to install ASP failed  with error code 0x8007007E. The specified module could not be found &  "Attempt to install windows authentication failed  with error code 0x8007007E. The specified module could not be found
Hi All,

Can anyone here please assist me in troubleshooting as to why my Outlook Web Access is randomly signing me off while reading or typing email ?

I also cannot access the below OWA option with HTTP ERROR 500:
Change OWA Account settings:
Change AD Password:
Enable OWA Add On:

However, when I manually type in the Public IP address or the server name instead of, I can access the server with no problem.

This is my current deployment of the Exchange Server 2013 Standard Edition in my domain:

AD Site: Default-First-Site-Name [old CAS & MBX server] [new CAS & MBX server]

AD Site: Head_Office [CAS & MBX server] [MBX server]

I have just created multiple A Record for and pointing to my existing 3x CAS-MBX Exchange 2013 server roles.

Public DNS (A) records Round Robin: – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM

Internal DNS (A) records Round Robin: – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Hi All,

After installing new CAS role and then configuring the Virtual Directories to use single name space, I cannot access OWA on my new Exchange Server 2013 Standard edition ?

Error: is currently unable to handle this request. HTTP ERROR 500

Why is this happening ?
Dear community,
We have Problems with active sync in Exchange 2016 CU5.
After a Migration from Exchange 2010 to Exchange 2016 CU5 the following error occours when we connect with active sync:

OWA is working!

exchange analyzer
Event code: 3008
Event message: A configuration error has occurred.
Event time: 07.07.2017 08:10:45
Event time (UTC): 07.07.2017 06:10:45
Event ID: d049c0dd0f3b4cc4986b58ec61b74869
Event sequence: 1
Event occurrence: 1
Event detail code: 0
Application information:
    Application domain: /LM/W3SVC/2/ROOT/Microsoft-Server-ActiveSync-4285-131438814449264551
    Trust level: Full
    Application Virtual Path: /Microsoft-Server-ActiveSync
    Application Path: C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\sync\
    Machine name: XXX
Process information:
    Process ID: 18536
    Process name: w3wp.exe
    Account name: IIS APPPOOL\DefaultAppPool
Exception information:
    Exception type: ConfigurationErrorsException
    Exception message: Could not load file or assembly 'Microsoft.Exchange.Security, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. (C:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\sync\web.config line 251)
   at System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective)
   at …
im using windows server 2012 and iis 6.2
i have it configured to point at a smtp exchange server
the portal on iis sends out emails
this seems to work for a day or 2 then the emails stop going out
if i do a iisreset that will fix for another few days
then it fails again
i know i could schedule an iis reset but i would like to know why this is happening
We are using Oracle's Primavera Contract Manager that requires a SMTP server to send email but allows for no options to use anything that requires a username or password. So in order to make it work we have the IIS SMTP service setup that requires no authentication and anonymous access. This is a problem as it appears some outside source is using it to send bogus/spam emails. Any ideas if there are options to secure the smtp server service on the Windows 2012 server so it's not anonymous access to send? or possible some sort of free online smtp server? The ISP is Comcast which requires a username and password for smtp services so that will not work. Any thoughts? Or addiotional questions please feel free to ask and thank you in advance for your help.

Microsoft IIS Web Server





IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.