I have read through and tried implementing various documentation regarding '500 - internal server error'; however nothing seems to work.
https://nkfaulknerandsons.co.uk/
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<httpErrors errorMode="Detailed" />
<asp scriptErrorSentToBrowser="true"/>
<rewrite>
<rules>
<rule name="HTTPS Rule" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://(HTTP_HOST)(REQUEST_URI)" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
<urlCompression doDynamicCompression="false">
</urlCompression>
<defaultDocument>
<files>
<add value="untitled-1.html" />
</files>
</defaultDocument>
<authorization>
<allow users="?" />
</authorization>
</system.webServer>
<system.web>
<customErrors mode="Off" />
<compilation debug="true" />
</system.web>
</configuration>
Related
In web.config, what is the equivalent of system.web>compilation[tempDirectory] attribute but using the more up to date system.webServer instead of system.web?
Here is what I need to add to my web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation tempDirectory="W:\vhosts\mysite.com\tmp" />
</system.web>
</configuration>
However, my current web.config relies on system.webServer, not system.web and adding the attribute results in an internal server error 500.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<urlCompression doDynamicCompression="true" doStaticCompression="true" dynamicCompressionBeforeCache="true"/>
<rewrite>
<rules>
<rule name="Angular Routes" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="./index.html" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
compilation[tempDirectory] is depending on system.web, so you cannot add it in system.webServer.
But system.web and system.webServer can both exist in web.config. They won't lead to conflict.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.web>
<compilation tempDirectory="W:\vhosts\mysite.com\tmp" />
</system.web>
<system.webServer>
<urlCompression doDynamicCompression="true" doStaticCompression="true" dynamicCompressionBeforeCache="true"/>
<rewrite>
<rules>
<rule name="Angular Routes" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="./index.html" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I was creating rules on IIS 10.0 with URL Rewrite 2.0 like HSTS, XSS Protection...
Everything works fine on IIS 10.0, but when i send the web.config to the IIS 8.5 (with URL Rewrite 2.0 installed) returns 403 invalid credentials.
The old IIS 8.5 web.config was:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<defaultDocument>
<files>
<remove value="index.html" />
<remove value="Default.asp" />
<remove value="Default.htm" />
<remove value="index.htm" />
<remove value="iisstart.htm" />
<add value="Attendance.htm" />
</files>
</defaultDocument>
<security>
<requestFiltering allowDoubleEscaping="true">
<verbs>
</verbs>
</requestFiltering>
</security>
<handlers>
<remove name="CGI-exe" />
<add name="CGI-exe" path="*.exe" verb="*" modules="CgiModule" resourceType="Either" requireAccess="Execute" allowPathInfo="true" />
</handlers>
</system.webServer>
</configuration>
"requireAccess=Execute"
And the web.config on IIS 10.0 that not worked on IIS 8.5 is:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers accessPolicy="Read, Execute, Script" />
<security>
<requestFiltering allowDoubleEscaping="true">
<verbs>
</verbs>
</requestFiltering>
</security>
<rewrite>
<outboundRules>
<rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
<match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
<conditions>
<add input="{HTTPS}" pattern="on" ignoreCase="true" />
</conditions>
<action type="Rewrite" value="max-age=31536000; includeSubDomains; preload" />
</rule>
<rule name="Remove Server Header">
<match serverVariable="RESPONSE_SERVER" pattern=".+" />
<action type="Rewrite" value="-" replace="true" />
</rule>
<rule name="Remove X-POWERED-BY Header">
<match serverVariable="RESPONSE_X-POWERED-BY" pattern=".+" />
<action type="Rewrite" value="-" replace="true"/>
</rule>
<rule name="RESPONSE_X-ASPNET-VERSION">
<match serverVariable="RESPONSE_X-ASPNET-VERSION" pattern=".+" />
<action type="Rewrite" value="-" replace="true" />
</rule>
<rule name="RESPONSE_X-ASPNETMVC-VERSION">
<match serverVariable="RESPONSE_X-ASPNETMVC-VERSION" pattern=".+" />
<action type="Rewrite" value="-" replace="true" />
</rule>
<rule name="Add HttpOnly" preCondition="No HttpOnly">
<match serverVariable="RESPONSE_Set_Cookie" pattern=".*" negate="false" />
<action type="Rewrite" value="{R:0}; HttpOnly" />
<conditions>
</conditions>
</rule>
<rule name="SameSiteCookie">
<match serverVariable="RESPONSE_Set-Cookie" pattern="^(.*)(CFID|CFTOKEN|JSESSIONID)(=.*)$" />
<action type="Rewrite" value="{R:0};SameSite=Strict" />
</rule>
<preConditions>
<preCondition name="No HttpOnly">
<add input="{RESPONSE_Set_Cookie}" pattern="." />
<add input="{RESPONSE_Set_Cookie}" pattern="; HttpOnly" negate="true" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
<httpProtocol>
<customHeaders>
<add name="X-XSS-Protection" value="1; mode=block" />
<add name="X-Content-Type-Options" value="nosniff" />
<add name="Expect-CT" value="max-age=0" />
<add name="X-Frame-Options" value="sameorigin" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
"Accesspolicy = read,execute, script"
I was thinking that is something related with the HSTS policy, or the Access Policy have differences between both (one is execute and another read,execute,script). or maybe the URL Rewrite need to disable the Required SSL.
Anyone had any idea?
This problem should be related to your IIS version, Before IIS 10.0 version 1709, enabling HSTS on an IIS server requires complex configuration. and the new feature introduced in IIS 10.0 version 1709 is HTTP Strict Transport Security (HSTS).
More information you can refer to this link: IIS 10.0 Version 1709 HTTP Strict Transport Security (HSTS) Support.
I have an Angular 4 app in a IIS server, in the same server there is a .NET Web API. They are in diferents folders: angular app is in "/wwwroot/angular/" and web api in "/wwwroot/api/". When I do a request to web api, it works successfully, but when I try to navigate to an URL different to index.html using the Routing Module in angular app I get this message:
500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.
Also, I have two Web.Config files -one in each folder-.
My Angular Web. Config is:
<system.webServer>
<rewrite>
<rules>
<rule name="Angular Routes" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true"/>
</conditions>
<action type="Rewrite" url="/index.html" />
</rule>
</rules>
</rewrite>
</system.webServer>
Web.config of WEB API
<configuration>
<system.webServer>
<handlers>
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<remove name="OPTIONSVerbHandler" />
<remove name="TRACEVerbHandler" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
</configuration>
I researched in some questions like:
stackoverflow.com/questions/49833141/blank-page-when-publishing-angular-5-net-core-web-api
and
stackoverflow.com/questions/42865084/redirect-unknown-requests-to-index-html-in-springboot
But they doesn't work to me.
Anybody help me on this.
Thanks in advance.
The solution was move all the Angular files to root, at index.html I left <base href="/"> and make the web.config like this:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rewriteMaps>
<rewriteMap name="^(.*)$" />
</rewriteMaps>
<rules>
<rule name="Angular Route" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_URI}" pattern="/api(.*)$" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Rewrite" url="/index.html" />
</rule>
</rules>
</rewrite>
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="?" />
</authorization>
</security>
</system.webServer>
</configuration>
In your web.config change <action type="Rewrite" url="/FIN360" /> and in your index.html from the <base href="/"> remove the / Try this else change <base href="./"> OR <base href="/FIN360">
I have finished an ASP.NET web site after making tests.
I am using UrlRewritingNet dll from http://www.urlrewriting.net/
Then I have published it in order to upload my server (Windows 7, IIS 7 installed). After typing my site's URL I get 404 - Not found error. This is because of missing or bad configuration on the server side. But I do not know what to do exactly.
Searched many times but could not find anything close to my problem.
For a last chance I am here. Can you help?
You can see my web.config content in the following:
<?xml version="1.0"?>
<!--
For more information on how to configure your ASP.NET application, please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<section name="urlrewritingnet" requirePermission="false" type="UrlRewritingNet.Configuration.UrlRewriteSection, UrlRewritingNet.UrlRewriter"/>
</configSections>
<system.web>
<httpModules>
<add name="UrlRewriteModule" type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter"/>
</httpModules>
<compilation debug="true" targetFramework="4.0"/>
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true"/>
<handlers>
<remove name="PageHandlerFactory-ISAPI-4.0_32bit"/>
<add name="PageHandlerFactory-ISAPI-4.0_32bit" path="*.aspx" verb="GET,HEAD,POST,DEBUG" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="Script" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0"/>
<add name="reww" path="*" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="None" preCondition="classicMode,runtimeVersionv4.0,bitness32"/>
<add name="rewwibu" path="*.ibu" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" preCondition="classicMode,runtimeVersionv4.0,bitness32"/>
</handlers>
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
<urlrewritingnet configSource="ExternalRewrite.config"/>
</configuration>
This is my new Web.Config File:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.web>
<compilation debug="true" targetFramework="4.0" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<validation validateIntegratedModeConfiguration="false" />
<rewrite>
<rules>
<rule name="GoAnasayfa">
<match url="^([_0-9a-z-]+)/Anasayfa.ibu" ignoreCase="false" />
<action type="Rewrite" url="Default.aspx?lang={R:1}" appendQueryString="false" />
</rule>
<rule name="GoIletisim">
<match url="^([_0-9a-z-]+)/Iletisim.ibu" ignoreCase="false" />
<action type="Rewrite" url="Contact.aspx?lang={R:1}" />
</rule>
<rule name="GoDereceProgramlari">
<match url="^([_0-9a-z-]+)/DereceProgramlari/([_0-9a-z-]+).ibu" ignoreCase="false" />
<action type="Rewrite" url="DegreePrograms.aspx?lang={R:1}&derece={R:2}" />
</rule>
<rule name="GoOgrenci">
<match url="^([_0-9a-z-]+)/Ogrenci.ibu" ignoreCase="false" />
<action type="Rewrite" url="Ogrenci.aspx?lang={R:1}" />
</rule>
<rule name="GoKatalog">
<match url="^([_0-9a-z-]+)/([0-9]+)/([0-9]+)/([0-9])/Katalog.ibu" ignoreCase="false" />
<action type="Rewrite" url="Catalog.aspx?lang={R:1}&opID={R:2}&pmID={R:3}&oid={R:4}" />
</rule>
<rule name="GoDersDetay">
<match url="^([_0-9a-z-]+)/([0-9]+)/([0-9]+)/([0-9])/([0-9])/DersAyrintilari.ibu" ignoreCase="false" />
<action type="Rewrite" url="CourseDetail.aspx?lang={R:1}&opID={R:2}&pmID={R:3}&DersID={R:4}&dersKodu={R:5}" />
</rule>
<rule name="GoLLPKoordinatorleri">
<match url="^([_0-9a-z-]+)/LLPKoordinatorleri.ibu" ignoreCase="false" />
<action type="Rewrite" url="Coordinators.aspx?lang={R:1}" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
When I type my web adress the address bar is filled with lang parameter like below:
http://somedomain.com/tr-TR/Anasayfa.ibu?lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr&lang=tr-tr....
and then browser shows an error message:
Invalid Redirect URL
Try to add:
<add name="UrlRewriteModule" type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter"/>
<remove name="Session"/>
<add name="Session" type="System.Web.SessionState.SessionStateModule"/>
to your web.config under
<configuration>
...
<system.webServer>
...
<modules>
<!-- add here -->
</modules>
</system.webServer>
...
</configuration>
Why not use the URL rewrite module from Microsoft?
http://www.iis.net/learn/extensions/url-rewrite-module/using-the-url-rewrite-module
Be sure to install the correct version based on your system's setup. Then you can proceed with creating your rewrite rules as demonstrated here:
http://www.iis.net/learn/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module
Below is my web.config file. I want automatic redirection of http url to https. I tried the follwing but it is not working.
IIS7 with SSL Required checked in SSL settings.
Can anyone help please.
Thanks
<configuration>
<configSections>
<sectionGroup name="system.webServer">
<sectionGroup name="rewrite">
<section name="rewriteMaps" overrideModeDefault="Allow" />
<section name="rules" overrideModeDefault="Allow" />
</sectionGroup>
</sectionGroup>
</configSections>
<system.webServer>
<rewrite>
<rules>
<rule name="Redirect to HTTPS" enabled="true" stopProcessing="true">
<match url="^(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Found" />
</rule>
</rules>
</rewrite>
<defaultDocument>
<files>
<add value="index.asp" />
</files>
</defaultDocument>
</system.webServer>
<system.web>
<customErrors mode="Off" />
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
</system.web>
Uncheck the "Require SSL"-- for the redirect to work, you have to accept the initial request on HTTP first.
EDIT
Second point. You're selecting input based on HTTPS. You need to negate the condition like this:
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTPS}" pattern="off" negate="true" />
</conditions>