I'm running my ASP.NET MVC app on a Windows Server using IIS 10.
I've set bunch of custom header in HTTP Response Headers section for this website.
After some time I was stunned after finding out that they're no longer there.
I suspect that they were erased when I deployed a new app version - effectively by changing app path in Basic settings section for a website.
How can I make those headers persistant?
Why where they cleared?
Is there anything else that I should know about?
If custom headers were added through the IIS server interface the changes would be persisted on the web.config of the app on the server. Upon deploying a new version of the app the same would be replaced with new config file. Over writing of the config file would lead to loss of any custom configuration the old file may have including the custom header fields. With the amount of information available, I assume this may be one of the possible reason.
If you set HTTP Response Headers in iis, then you can view it in web.config.
Then you only need to monitor who cleared the HTTP Response Headers.
About how to monitor the web.config file, you can try to use the Win32 function ReadDirectoryChangesW.
Asp.net uses the Win32 function ReadDirectoryChangesW to monitor directories and files. Once a change is detected, the Application domain is recycled which may cause performance issues.
More information about ReadDirectoryChangesW function you can refer to this link:
ReadDirectoryChangesW function
Related
I have an asp.net application deployed on IIS Server located at 10.0.0.74, when
i tried to access it with chrome browser i get an empty or blank webpage.
However if my colleague tries to access it from his computer he get normal webpage with content on it.
It seems really weird to me what might be the problem.
The screen shot below is what the page looks like.
I would appreciate any help
This is not enough to go on, assuming ASP MVC 5 on IIS here are some suggestions.
On your server
Check the following
Is the physical path in IIS correct - actually point to your code?
Do you have any rewrite rules in your web.config that could be redirecting?
Did you set up the bindings correctly?
Are you hitting the site under https / http?
Checked "Turn windows features on/off" and see if ASP.NET 4.8 installed
Did you setup the HTTP Redirection and HTTP Errors
See how you are setting up error handling setup in your global.asax, see here and disable it
Goto your Control panel > Programs and features > Turn Windows features on or off and under "World Wide Web Services" / components:
Common HTTP features:
Default document
Directory browsing
HTTP Errors
HTTP Redirection
Static Content
Security
Basic authentication
Request filtering
URL Authorization
Windows authentication
The problem was that the plugins in "Content" folder were not included in the projects.
I included all the files shown in the image below.
I apologize for wasting your time, i should have checked the console before!
OK, so a little background on the environment configuration at present:
Using VS2017
IISExpress folder present in my documents folder with applicationhost.config file
When I run my web project in VS2017, it runs successfully through IISExpress. If I view the IISExpress config window then it shows me that my app is running successfully and that it's using the config from my source\repos folder and not the main IISExpress folder in my documents. If I look at the config file in the IISExpress folder there is no mention of the bindings for my currently running application (makes sense, as it apparently uses a different config file).
However, within my app I need to be able to use the Microsoft.Web.Administration toolset to try and identify the port bound to https for the current site to handle a redirect to a page that must be secure. In the production environment this is just handled by pushing to https:// because we know an SSL certificate will be present. But, when debugging locally I need to switch to SSL and take the port number otherwise my redirect is broken, for obvious reasons.
Using _Manager_ServerManager As New ServerManager
For Each _Loop_Binding As Binding In _Manager_ServerManager.Sites(System.Web.Hosting.HostingEnvironment.ApplicationHost.GetSiteName()).Bindings
If (_Loop_Binding.IsIPPortHostBinding) AndAlso (_Loop_Binding.Protocol.ToLower() = "https") Then Return _Loop_Binding.EndPoint.Port
Next
End Using
The code above causes an error when running, as the current site does not exist within _Manager_ServerManager.Sites. If I inspect this property then I can only see the applications that are configured in the configuration file taken from the IISExpress folder in my documents, not the current site!
I'm really scratching my head on this one, is there any way programmatically that I can get this information for the currently running website?!
EDIT
Based on some of the comments below, more clarity has been requested as to what I'm actually trying to achieve. The website typically operates on standard HTTP, however, when progressing to one particular page for security reasons we need to shift to HTTPS:
Response.Redirect("https://" & Request.Url.DnsSafeHost & "/my-page.aspx")
When debugging this website locally, using IISExpress, this results in you being redirected to https://localhost/my-page.aspx, which is incorrect because the site runs on a port of localhost (i.e. http://localhost:64905 and https://localhost:64906). This means that I cannot just append Request.Url.Port onto the end of DnsSafeHost, because it will not be the HTTPS port required. Thus, so that we can run this project locally on our dev machines we need to automatically switch the port to the HTTPS version so that we can continue seamlessly without any disruption and having to manually rebuild the URL each time we get redirected.
I've developed a new WEB API 2 that works great locally, however when I upload the same code to my production server (Arvixe in this case) all I get is a 404 when I call it. I've spent HOURS searching the web, reading forums, etc.. and have been able to find no resolution, so I'm asking here as my last effort.
I'm currently only testing with the default project that gets created when you do New Project > ASP.NET Web API 2 Empty Project in Visual Studio. This creates an empty project with a single ValuesController. You should be able the JSON response by called /api/values, but this doesn't even work.
I'm using Fiddler to test the API locally and on the web server.
http://localhost:1993/api/values <--- works great
but
http://api.mydomain.com/api/values <--- returns 404
Note: I created a subdomain "api" in this case, but everything for the code for the API is unchanged from when it was created.
Why in the world does this work locally but not on the production web server?
That the server returns 404 (Not Found) may indicate a lot of things. However you can check using the following step:
Add a simple text document like readme.txt to your a folder sub-domain http://api.mydomain.com, and try to get access to that. If you can't access to that file, it means that the subdomain is not configured properly.
Publish the webservice using the "Publish" functionality, so that all DLLs will be copied.
After that,try to reach the Web ApI again.
Hope that help.
"Note: I created a subdomain 'api' in this case, but everything for the code for the API is unchanged from when it was created."
Above comment of your's is suspicious, you should publish your WEB API application in the root directory. Like if http://example.com is pointing to "MyExample" folder, then application should be published on "MyExample" folder.
After that you will be able access your api with http://example.com/api/{controller}/{action}
Just a simple suggestion which I'm sure you have already considered, but have you opened the http port 80 on the server's firewall?
Also stick a plain old html file in the root of your project and see if the server serves it up.
in your case, since you create a subdomain of 'api', you should try
http://api.mydomain.com/api/api/values
note that if you're using database for the function, you should change the connectionString in your web config
Please verify the .net framework on you hosted domain that may be old one.
Web api 2 is supposed on 4.5 framework.
One reason for web api 2 method working OK on local machine but not on production server is that the method you are calling is working on local machine but not on remote server. In such a case you will receive message 404 or 500, and you would be lost why this routing is failing.
Why a method would fail on remote server, well there may be many reasons. For me, I was querying database in my method and my connectionString was not set for remote server.
One way of resolving it would be to put some very simple code in that particular method and test that routing is working. Then check your original code for errors reasons.
I'm doing application testing on Windows Server 2012 to check compatibility of our web apps (in .Net 4) and am having issues loading any ASPX page. I have tried uninstalling and reinstalling all of the .Net, IIS and ASP.Net roles from Server Manager numerous times. I also found that aspnet_regiis no longer works in Server 2012, it just gives a message to use the role/feature pages instead. I'm at a loss, has anyone else tried IIS 8 yet?
I get the following message:
HTTP Error 404.3 - Not Found
The page you are requesting cannot be served because of the extension configuration. If the page is a script, add a handler. If the file should be downloaded, add a MIME map.
Most likely causes:
•It is possible that a handler mapping is missing. By default, the static file handler processes all content.
•The feature you are trying to use may not be installed.
•The appropriate MIME map is not enabled for the Web site or application. (Warning: Do not create a MIME map for content that users should not download, such as .ASPX pages or .config files.)
•If ASP.NET is not installed.
Things you can try:
•In system.webServer/handlers: ◦Ensure that the expected handler for the current page is mapped.
◦Pay extra attention to preconditions (for example, runtimeVersion, pipelineMode, bitness) and compare them to the settings for your application pool.
◦Pay extra attention to typographical errors in the expected handler line.
•Please verify that the feature you are trying to use is installed.
• Verify that the MIME map is enabled or add the MIME map for the Web site using the command-line tool appcmd.exe.
1.To set a MIME type, use the following syntax: %SystemRoot%\windows\system32\inetsrv\appcmd set config /section:staticContent /+[fileExtension='string',mimeType='string']
2.The variable fileExtension string is the file name extension and the variable mimeType string is the file type description.
3.For example, to add a MIME map for a file which has the extension ".xyz": appcmd set config /section:staticContent /+[fileExtension='.xyz',mimeType='text/plain']
Warning: Ensure that this MIME mapping is needed for your Web server before adding it to the list. Configuration files such as .CONFIG or dynamic scripting pages such as .ASP or .ASPX, should not be downloaded directly and should always be processed through a handler. Other files such as database files or those used to store configuration, like .XML or .MDF, are sometimes used to store configuration information. Determine if clients can download these file types before enabling them.
•Install ASP.NET.
•Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
Detailed Error Information:
Module
StaticFileModule
Notification
ExecuteRequestHandler
Handler
StaticFile
Error Code
0x80070032
Requested URL
http://localhost:80/login.aspx
Physical Path
C:\Inetpub\WEBSITE\login.aspx
Logon Method
Anonymous
Logon User
Anonymous
Well, after fighting this issue for the last few days I reset the VM to the base snapshot that I took immediately after finishing the OS install. I followed the exact same steps that I documented during my first runthrough to install the IIS and App Development features then installed my apps and now it works. I have no idea why or how it worked this time where it didn't before, but at least it is working now.
I have a system that allows the users to download some files, the user needs to login first and then he is autorized or not to download. The download page is Download.aspx?FileId=42 and the code within this page opens the file and keeps sending small chunks to the user. We made this because we needed to guarantee that only authorized users could download.
We recently moved this system to IIS7 and it is working properly, but I don't like the idea of having a custom c# code sending the chunks to the client, so I would like to know if there is a way of when a request to file.zip is made, a custom code is executed to authorize or not, and if it is authorized, I just tell IIS7 to proceed the download instead of running the code inside Download.aspx.
Is this possible?
Thanks!
Do a redirect to the zip file. Hide the zip file in a obscure location with non-regular naming. "Security through obscurity."
IIS7 has authorization that uses Forms or Windows authentication for all file types - if it's running in integrated pipeline mode. The syntax is just like that for ASP.NET applications, but it's in a different place in web.config, <system.web>. The rules can also be added using the IIS7 admin interface. There are a couple of differences, IIS7 URL authorization evaluates rules from the parent down and deny rules take precedence.