Is there a way to rebuild the applicationHost.config file in IIS 7 with a Windows command? Or if you can help me fix the issue by modifying this file, that's fine too. When comparing this file to other servers, I'm noticing very important sections that are missing or different after deleting a site and a few application pools.
I am by no means an expert in IIS 7, but I've been using it for 7 years now. I am confident have performed all of the proper steps for a new site configuration and it still gives me this error, "401.1 "You are not authorized to view this page. You do not have permission to view this directory or page using the credentials that you supplied."
C:\Windows\System32\inetsrv\config\applicationHost.config
This happened on a machine where IIS APPPOOL{app pool user} doesn't exist, so we've never used this user, like I normally do when configuring permissions. We did however add proper permissions to IIS_IUSRS (with IUSR in this group) last week, and the site worked fine. We're using Windows Authentication, and all other authentication methods are turned off. No virtual directories. We are using .NET 4.0, Classic, and 32 bit app (under advanced settings).
We had to manually update the host name by doing the following command in "C:\Windows\System32\inetsrv" on the binding because IIS would grey out the host name when the VeriSign SSL certificate was added to the binding.
appcmd set site /site.name:"himc" /+bindings.[protocol='https',bindingInformation='*:443:subdomain.domain.com']
Missing sections on "bad" web server:
1 - exists on "good" box, missing on "bad" box
<customMetadata>
<key path="LM/W3SVC/INFO">
<property id="4012" dataType="String" userType="1" attributes="Inherit" value="NCSA Common Log File Format,Microsoft IIS Log File Format,W3C Extended Log File Format,ODBC Logging" />
<property id="2120" dataType="MultiSZ" userType="1" attributes="None" value="400,0,,,0
" />
</key>
</customMetadata>
2 - exists on "good" box, missing on "bad" box
<asp>
<cache diskTemplateCacheDirectory="%SystemDrive%\inetpub\temp\ASP Compiled Templates" />
</asp>
3 - this section exists on the "good" box, but only 2.0 (first 2 lines) exist on the "bad" box.
<isapiFilters>
<filter name="ASP.Net_2.0.50727.0" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness32,runtimeVersionv2.0" />
<filter name="ASP.Net_2.0.50727-64" path="%windir%\Microsoft.NET\Framework64\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="bitness64,runtimeVersionv2.0" />
<filter name="ASP.Net_2.0_for_V1.1" path="%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv1.1" />
<filter name="ASP.Net_4.0_64bit" path="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv4.0,bitness64" />
<filter name="ASP.Net_4.0_32bit" path="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_filter.dll" enableCache="true" preCondition="runtimeVersionv4.0,bitness32" />
</isapiFilters>
4 - this section exists on "bad" box, but is missing on the "good" box
<applicationDependencies>
<application name="Active Server Pages" groupId="ASP" />
</applicationDependencies>
5 - ssiExecDisable property is missing on "good" box
<serverSideInclude ssiExecDisable="false" />
6 - section missing on "bad" box
<authentication>
<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />
</authentication>
Apparently, Microsoft keeps a history of these files in:
C:\inetpub\history\
Do a backup of all config files first!
So apparently, IIS keeps a history of the config files in C:\inetpub\history. So what you need to do is remember the last known date IIS worked fine and then copy the contents of the config file from c:\inetpub\history and replace config files in c:\windows\system32\inetsrv\config.
Good luck!
If you just want to modify currently active applicationHost.config take a look at this article:
Editing Applicationhost.config on 64 bit Win2008
As the article says, for some reason applicationHost.config is visible only using Explorer (which explains why I wasn't seeing file from my custom file manager) and you can edit it without problems using Notepad (again, any other editor and you'll run into problems).
The inetpub history folder saved my butt. I simply restored the two files in the root folder and wallah problem solved.
To install a backup of an older configuration, you can use the command:
c:\windows\system32\inetsrv\appcmd restore backup CFXHISTORY_xxxxxxxx
where CFXHISTORY_xxxxxxxx is a sub folder of C:\inetpub\history\.
Not sure what the command does besides copying files from that folder to the current configuration, but you should probably use it in case it does do something special.
Or you can just copy the file from the backup as explained in https://stackoverflow.com/a/14859645/2279059
Related
I am running IIS under Windows Server 2016 and I'm trying to run an ASP.Net core 3.1 application but I can't get past this error:
500.19 error
(The language in the picture is Hungarian, but it contains no useful information whatsoever, just an example)
Here is my web.config
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<location path="." inheritInChildApplications="false">
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath=".\Minibizz.Routing.Web.exe" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess" />
</system.webServer>
</location>
</configuration>
What am I missing?
P.S.: The web.config was created by Visual Studio 2019.
The reason behind the issue:
That error message goes on to say what exactly is bad about your configuration file, hence you should refer the “Config Error” and “Config Source” sections. This problem occurs because of the ApplicationHost.config file or the Web.config file contains a malformed or unsupported XML element.
if you are using url rewrite rule then install url rewrite Extention of iis. Enable ANCM logging, ie. set stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout\" (I think the path needs to end by a backslash), then run the web app and see if something gets logged into the stdout folder. Verify that the log directory exists at the path referenced by the web config. If it does not, create it. The path shown in your config would place the "logs" directory in the root folder of the deployed site. Verify that the application pool has to write access to the logs directory.
Make sure you installed the .net bundle.check that you installed below iis feature:
You may also need to verify that the path to the dotnet executable exists in the deployment machine's environment variables. To check this, first find the path where dotnet.exe is installed. It is generally located in either C:\Program Files\dotnet or C:\Program Files (x86)\dotnet. Once you know the path, ensure that the path exists in your Environment Variables.
The web.config content seems to be correct. If you use a clean web.config copy, does the problem persist? If the issue can be solved by replacing web.config with clean configuration content, then the problem is exactly with this web.config. In this case, I suggest you remove parts of the web.config content to narrow down the issue. If the pages show correctly after you remove one section, then the problem is with that section. You need double-check what's wrong with the section and update the correct configuration.
If the problem remains even with clean web.config content, I suggest you access other pages in different folders in your site to see if the problem still exists.
you could refer this below link for how to publish asp.net core site in iis:
https://learn.microsoft.com/en-us/aspnet/core/tutorials/publish-to-iis?view=aspnetcore-3.1&tabs=visual-studio
I have an asp.net mvc web page. I'm using config transforms with it. The config transform in the bin directory is correct. However, when I debug with IIS express, all the app settings being used are actually from the original web.config, not the transformed web.config in the bin folder. If I rename the web.config to something else in the root folder, debugging will halt as soon as it tries to read a connection string because it says it's not initialized. What is the problem?
Transformations only apply when you publish the project. However their is a hack to it
You can try using the below code. Your original configuration should be in Web.Base.Config
<Import Project="$(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)\WebApplications\Microsoft.WebApplication.targets" />
<Target Name="BeforeBuild">
<TransformXml
Source="Web.Base.config"
Transform="Web.$(Configuration).config"
Destination="Web.config" />
</Target>
You can also refer to below URL as sometime it makes transformation twice and you need to add steps for beforebuild
https://sebnilsson.com/blog/asp-net-transform-web-config-with-debug-release-on-build/
I recently moved my "My Documents" folder from the C: to the D: drive. This seems to have broken my ability to debug web app in Visual Studio. I'm assuming that visual studio creates entries like the following in applicationhost.config, and I am wondering where the first physicalPath for the root virtualDirectory comes from, as I am fairly certain that is the problem (I've pretty much confirmed that VS creates an entry like the following when a solution is opened):
<site name="My.Application-Site" id="2">
<application path="/" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="C:\Users\myname\Documents\My Web Sites\My.Application-Site" />
</application>
<application path="/My" applicationPool="Clr4IntegratedAppPool">
<virtualDirectory path="/" physicalPath="D:\repos\MyCheckout\My\My.Application" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:49924:localhost" />
</bindings>
</site>
When I try to run the app in debugger, the browser pops up with an error, the relevant bits of which are below. Notice the path to web.config still uses C:, even though it seems to know the right place for tracelogfiles:
HTTP Error 500.19 - Internal Server Error
The requested page cannot be accessed because the related configuration data for the page is invalid.
Config Error Cannot read configuration file
Config File \\?\C:\Users\myname\Documents\My Web Sites\My.Application-Site(2)\web.config
Requested URL http://localhost:50616/My/
Request Tracing Directory D:\users\myname\My Documents\IISExpress\TraceLogFiles\
So the question is where in Visual Studio (or IIS) is the path for the web.config file determined, and how do I change it. And/or is there some other reason or insight anyone can provide as to why I am getting this 500.19 error?
Another recent change (other than moving My Documents) is I uninstalled a trial of VS Ultimate 2013 and installed VS Pro 2013 -- could that have somehow caused this? Both of changes have been made between the time I was last able to debug the app normally and getting this error.
For someone looking for an answer to "where in Visual Studio (or IIS) is the path for the web.config file determined, and how do I change it" or "I moved my application from its origin folder"
Right-click in Project Properties > Web Tab and Create Virtual Directory buttom.
It all happened when I was developing (and debuging, of course) my application on two different machines, with different paths (and Drives) to the source code managed by git.
Hope it helps
I've just created a WiX v3.5 installer to install my Web application to IIS7. I have custom actions to allow the user to choose which website and app pool they want and to name the Virtual directory via the dialogs.
But now I've come to authentication and I'm stumped. I am trying to enable impersonation and allow the user to enter their impersonation login and password. I had this working fine in my Visual Studion 2010 setup projects so now I need to replicate the same in WiX.
Aparently this can be done via an appcmd as per this question: Is setting "ASP.NET Impersonation" possible using WiX 3.x with IISExtension? but I can't seem to get this working. Can i add this in my product.wxs and wrap it in a custom action? Any ideas anyone? Any help would be appreciated?
appcmd set config /commit:WEBROOT/section:identity /impersonate:true
Hi I managed to get this working myself , so if anyone else is having the same issue , i fixed this by modifying my web.config during my install:
To do this i added the following code to my product.wsx to edit my web.config , using properties which i assigned to text boxes in a new dialog to allow the user to enter the impersonation username and password on install :
<Component Id="Web.config" Guid="2ED81B77-F153-4003-9006-4770D789D4B6">
<File Id="Web.config" Name="Web.config" Source="$(var.SolutionDir)MyWebApp\Web.config" DiskId="1" KeyPath="yes" />
<util:XmlFile Id="system.webidentity" File="[INSTALLLOCATION]Web.config" Action="createElement" ElementPath="/configuration/system.web" Name="identity" Sequence="1" />
<util:XmlFile Id="system.webIdentityAttribute" Action="setValue" File="[INSTALLLOCATION]Web.config" ElementPath="/configuration/system.web/identity" Name="impersonate" Value="true" Sequence="2" />
<util:XmlFile Id="system.webIdentityAttribute2" Action="setValue" File="[INSTALLLOCATION]Web.config" ElementPath="/configuration/system.web/identity" Name="password" Value="[IMPERSONATIONUSERPASSWORD]" Sequence="3" />
<util:XmlFile Id="system.webIdentityAttribute3" Action="setValue" File="[INSTALLLOCATION]Web.config" ElementPath="/configuration/system.web/identity" Name="userName" Value="[IMPERSONATIONUSER]" Sequence="4" />
Note if you are adding your files automatically to your Wix project using msbuild and heat , you'll have to ensure you arent copying your web.config here , or if you are , remove my web.config your Target settings. Otherwise you'll get duplication errors .
<Target Name="BeforeBuild">
<MSBuild Projects="%(ProjectReference.FullPath)" Targets="Package" Properties="Configuration=$(Configuration);Platform=AnyCPU" Condition="'%(ProjectReference.PackageThisProject)'=='True'" />
<Delete Files="%(ProjectReference.RootDir)%(ProjectReference.Directory)obj\$(Configuration)\Package\PackageTmp\web.config">
</Delete>
<PropertyGroup>
<LinkerBaseInputPaths>%(ProjectReference.RootDir)%(ProjectReference.Directory)obj\$(Configuration)\Package\PackageTmp\</LinkerBaseInputPaths>
</PropertyGroup>
<HeatDirectory OutputFile="%(ProjectReference.Filename).wxs" Directory="%(ProjectReference.RootDir)%(ProjectReference.Directory)obj\$(Configuration)\Package\PackageTmp\" DirectoryRefId="INSTALLLOCATION" ComponentGroupName="%(ProjectReference.Filename)_Project" SuppressCom="true" SuppressFragments="true" SuppressRegistry="true" SuppressRootDirectory="true" AutoGenerateGuids="false" GenerateGuidsNow="true" ToolPath="$(WixToolPath)" Condition="'%(ProjectReference.PackageThisProject)'=='True'" /> </Target>
If i have a page on my website called blah.aspx then there will be another file there called
blah.aspx.vb
I can browse to blah.aspx but if I try to browse to blah.aspx.vb, I'll get 'file not found' page.
If I change the name of blah.aspx.vb to blah.zip it can be downloaded via the browser.
If I change the name to blah.qaz I'll get the 'file not found' again.
I suspect that the server will not allow the .aspx.vb file to be downloaded but if it doesn't protect a .zip file why does it protect a made up .qaz or is that just a shortcoming of the browser?
Are there file extensions that a server will actively protect?
Are there file extensions it deliberately won't hide (e.g zip)?
What are the rules and where can you find them?
IIS 7 maps 'allowed' extensions (or extensions that it will handle) in the applicationhost.config file.
If you really want to allow a 'qaz' extension, you could add a mimeMap to add it as static content. Don't know what webserver you're using, but if you're on II7+, you should be able to add it to your web.config:
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension=".qaz" mimeType="text/plain" />
</staticContent>
</system.webServer>
</configuration>
If you're on an earlier version of IIS, then it's a different ballgame. If you're on some other webserver, you'll have to search around for the configuration information, but most will have some configuration file that states which extensions they are ok serving.