We have a local instance of IIS 7 running with a website. Instead of the default "localhost" we have something like, mysite.compname.com. This is a separate entry into IIS 7 and the default website was removed to prevent confusion.
Then in our host file we an entry like this:
127.0.0.1 mysite.compname.com
Now when I try to hit this url, http://127.0.0.1/ApplicationName/Project/AddProject.aspx technically it should work, but instead I get a 404. I can vouch that this isn't a problem with the application, because if I navigate to http://mysite.compname.com/ApplicationName/Project/AddProject.aspx it works fine.
My end goal is to be able to give someone my computer name, so that they can visit a test page, so the url above I think would get turned into this http://computername/ApplicationName/Project/AddProject.aspx. Any help or at least links to understanding would help because I'm not sure where my issue is coming from.
It sounds like the IIS site / application is configured using a Host Header.
This means that the site will only respond if the host header sent by the browser matches the one configured for the site.
This is a standard method to allow one server to host sites for many host and domain names.
If you wish to allow others to view the site on your computer you will need to either have a local DNS server which you can edit, or, probably the easiest option, get them to edit their host files to include
<your IP> mysite.compname.com.
Remember to open the requisite ports (probably only 80, maybe 443 for https) in your firewall.
Or, you can try to edit the site config to remove or modify the Host Header requirement. See the first link for details, but be careful, it's easy to break things if you don't know the entire architecture of the site.
Related
I installed an ASP.net application on a windows Azure VM (IIS 7). SSL certificate is installed, configured and the application works correctly. I have removed Http binding and http endpoints.
The issue I am having is that if I use the cloudapp.net link (using https), the application still opens with a mismatched certificate.
What can I do to deny any user from opening my application using https://xx.cloudapp.net/x?
It seems really silly that people are saying this isn't the right place for this question, since some of the solutions could be code related. ie: In your application, check the host and if it's cloudapp.net, do a URL redirect.
There's a few different options here but it sounds like what you're looking for is just the ability to prevent someone from viewing the application using that URL.
What I would do is set up a site in IIS that uses Host Header resolution to look for xx.cloudapp.net. If that URL is recognized, do a redirect using the HTTP redirect settings to the https version of your app. Don't bind the SSL port to this site or you'll run into SSL errors like you showed above.
The other option is to leave it out entirely and simply use the Host Header resolution to filter out requests for your site. I suspect what you've done is assign all incoming requests to the only IP address on the system, which is why the xx.cloudapp.net is showing your app and the cert is failing.
This would cause xx.cloudapp.net to fail to show any site at all but I think that might be what you want to do anyway.
On my Nginx I've got two hosts.
One with the values
server_name = www.mydomain.com;
root /var/www/production/myFirstWebSite;
and the other with
server_name=localhost;
root /var/www/development/mySecondWebSite;
To my domain registrar account I configured the DNS with two A record "
www IN A myIP
IN A myIP
This is cool, i can reach my first website with www.mydomain.com or mydomain.com.
Now the problem is how to reach my second website which is in development and I don't buy the domain name. And myIP/development/myScondWebSite is no more working ...
I think that the problem come from the DNS entries but I'm not sure.
Do you've got some ideas ?
Thanks in advance.
There's a couple of ways I could think of to access the localhost one.
Creating a subdomain instead of localhost
This is the best one I'd recommend, try doing something like server_name localhost.mydomain.com.
If you need to put further security, you could make it only allow a certain IP(s) or a range of IPs.
Play with your hosts file
In this specific case I would not recommend this, because you're messing with localhost it self, might break some other stuff on your machine, if it was any other name I could have said it's fine.
Use an ssh tunnel to the server
In this method you create a dynamic port on your ssh connection and set your browser to pass all traffic through tunnel which goes to the server then it's handled from there, so if you run localhost for example it would be like running localhost from over there, but since this involved a browser setting, you need to remember to disable it after you disconnect the ssh connection otherwise the browser would return an error saying that the proxy server is refusing the connection.
Using a local Nginx as a proxy
This one I just came up with right now, and I can't say If it would work or not, the 3 before I've worked with before and I know they work.
You'd set a certain domain name that your local nginx would capture and then proxy it to the remote server, but edit the host header setting it to localhost instead, that way it would match the localhost in the remote machine, if this one works it would not need any setting to be turned on and off every time.
Out of all these, I'd recommend the first one first (if it's an option), then try the last one if you don't want to keep turning things on and off before and after each setting.
My client has a website that is showing some strange behavior. The site is built in ASP.Net and used to be hosted on their internal network. It's now been moved to a different server outside their network. They have other sites hosted on the same server, some built using DotNetNuke, and some classic ASP. All these sites are hosted on one application server, with a database (SQL Server 2008) on a separate server (which is on the same network as the application server). They share the application server, and the database server.
Now that this site has been moved to the outside server, they can't access it. I can, and so can others that I work with (from different IPs, across the country). But the client can't from their network. They can access the landing page subsite.clientdomain.com (no db access), but nothing else. So, for instance, there's a link to subsite.clientdomain.com/folder. When they click that link, the URL changes to subsite.com/folder, which does not work. For myself and others not at the client site, the URL does not change and opens with no problems.
I didn't write the site, and didn't even know it existed before this problem cropped up, so I know very little more than this. Any help is appreciated.
I'm going to go with Martijn B's answer. There's a DNS issue on the internal network. Somewhere on of the DNS servers is a definition that maps http://companywebsite to an ip address like 192.168.1.20 or whatever.
I would open a command prompt on your PC and type
ping new_website_name.com
Take a look at the IP address that comes back. You can also do an nslookup on new_website_name.com that will give you more information. If you (person A) gets one IP address and Person B (inside the network) gets a different IP address....there is definitely a DNS issue on the internal network.
You're going to have to do some network tracing to determine exactly where any redirection is occurring. Given that the problem is only manifested in certain locations, it is likely that it is a function of network configuration in that location (as previously suggested). Without understanding exactly what redirection is occurring, it would be unwise to make configuration changes that might make the problem worse or introduce new issues.
A DNS server cannot AFAIK redirect to a different URL. So something is redirecting from subsite.clientdomain.com/folder to subsite.com/folder, which could be caused by a HTTP redirect. This can be triggered by the software/website itself or by IIS.
I'm setting up a (ASP.NET) website to be used internally at my company. In IIS, I've turned on Integrated Windows authentication and turned off anonymous access. Once I've done this, the website pops up the "enter your username/password" box whenever you visit the site, but won't log you in even if the username/password are correct. This happens even if you're logged in to your computer with a domain account as opposed to a local account.
However, if I enter the IP of the site in my hosts file, the site works perfectly (logs the user in without the additional challenge).
I guess I have two questions.
1) Why does the hosts entry have this affect?
2) How can I get the site to succeed without a) forcing everyone to edit their hosts file or b) the site challenging them and failing to log them in?
EDIT: I checked, and we do have our DNS server set up to point those URLs to the correct servers. That's why pinging the URL displays the right IP. However, it appears that in addition to having that DNS entry, we also have to have the hosts file entry for the site to work.
You probably are having an issue with Kerberos authentication.
Since you're using a url of Site.DomainName.com, I'm assuming DomainName.com is your AD's name also.
On the server that's running IIS, copy SetSPN.EXE from the resource kit tools and run the following:
setspn -A http/site.domainname.com IISServerName
Where SITE is your URL and IISServerName is the name of the server.
This sure sounds like a dns problem. Does the dns server know about the hostname you are using? Sounds like the dns server does not know the forward lookup (hostname to ip) for the host you are trying to connect to.
We recently set up an intranet site with windows authentication here. The network guys setup a group policy and pushed changed to IE and Firefox.
For IE, it added the site to "Intranet Sites" and for Firefox it modified the configuration file so that our intranet..com would be trusted.
So... we got it to work. Here's what happened.
While looking around at the DNS Manager on test.DOMAINNAME.com, my coworker noticed that a different site on the same server was set up as a "Host (A)" entry, whereas the site we were working on was set up as an "Alias (CNAME)" entry. Several other sites on that computer were also set up as Alias entries, and he mentioned that the one site with the Host entry was "rock-solid", and he'd had sporadic issues with at least one other site that was set up as an Alias.
We talked to the AD/DNS admin, and as a test, he switched our entries from Alias to Host, and once we cleared our local DNS caches, it worked perfectly (without requiring entries in our .hosts file).
So the question still sorta stands. This was a Win2k3 box serving as one of three internal DNS servers, and making this modification fixed our problem. If anyone can add any additional information, we'd be very grateful, but in the meantime, we're debating going back and fixing all our other sites.
I would like to know if it is possible using IIS and ASP.NET (and ideally something that might be employed on a shared hosting account, but this isn't required) to mimic WordPress.com's ability to allow end users to use their own domain names.
WordPress has users who own their own domains change the domain's DNS settings to point to WordPress's own DNS. My guess is this is not something that would be able to be done on a shared hosting account since it would involve adding an entry to the DNS server's table for each custom user domain.
However, for future reference, is this something that might be automated programmatically on perhaps a VPS?
My guess is this is not something that would be able to be done on a shared hosting account
You're nearly correct. The default site in IIS listens to all connections on port 80 for the default IP address.
You can add more sites in 3 ways:
Add new sites listening on different ports. This is not entirely practical if you want "ordinary" sites litening on port 80.
Add more IP addresses to the box (not too eaisly done) and set up new IIS sites to listen to the new IP addresses independently.
Add new sites to the server listening to different "host headers" (domain names to you and I) but on the same (default) IP address .
So called "Shared hosting" usually uses options 3, because a hosting company can get away with only using a single IP address for possibly hundreds of sites.
Therefore you would have to go through the tedious process of adding each host header to the box, and while I'm almost certian this could be done with Wscript, I'm no expert in that area.
If you really wanted to get into it, you could write an ISAPI module to intercept the calls and set up some clever (ish) database/hash table of domain names and target folders to server as the different sites.
Bottom line is, there are various ways to achieve this on Windows. Probably none quite as easy as on a *nix platform where everything is super-scriptable.
What we do is have a wildcard DNS entry set up for our domain. That way, whatever domain the user types will resolve to our website as long as it ends with ".mydomain.com". Then our .Net code just looks at the "HOST" header coming in and serves up the content that matches that domain name.