I have a production OrchardCMS site that is running fine.
Today I copied all of the files from that site to a local server so I could use it for staging and testing changes before deployment. One other little change I made is changed the Orchard instance to use a local full SQL instance instead of Sql CE. (Which is something I will also do in production in the next few days.)
The migration has worked fine. I can load the Orchard instance using localhost on port 2764 (the one I assigned) and it works perfectly ... exactly as on production.
I setup port forwarding on my router to connect to this staging/testing server when connecting on port 2764. (And also created an inbound rule on the local server).
When I access the site on that port from a remote computer, it loads the CONTENT but does not fetch any of the files (CSS, JS, etc.) So I see content but it is raw unformatted html.
I loaded the page in fiddler and it shows a header like this for the sessions...
HTTP/1.1 302 Found
Location: /Users/Account/AccessDenied?ReturnUrl=%2fThemes%2fBootstrap%2fStyles%2fbootstrap.min.css
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Mon, 03 Dec 2012 04:38:01 GMT
Content-Length: 205
and then ...
GET /Users/Account/AccessDenied?ReturnUrl=%2fThemes%2fBootstrap%2fStyles%2fbootstrap.min.css HTTP/1.1
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 3.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 03 Dec 2012 04:38:01 GMT
Content-Length: 2179
If I login to the site (I can still see the login button and subsequent login page) I am successfully logged in and then the website performs perfectly normally...until I log out again.
So the bottom line...anonymous users can see content but OrchardCMS (or IIS ... or both?) will not fetch any of the files it seems.
Any ideas on the cause of this? Thanks for your help.
Seth
It turns out it was a straight up NTFS permissions thing. Anonymous Users were using the IUSR identity which I had not given any permissions. I changed that to use the APP POOL identity and all has been well. I suppose I could also have given read permissions to IUSR.
Related
I recently installed SSL certificate for organization's intranet wordpress site(http to https) and now I'm unable to access Wordpress Admin.
It gave me this error:
HTTP/1.1 400 Bad Request Date: Thu, 18 Aug 2022 02:41:55 GMT Server: Apache/2.4.46 (Win64) OpenSSL/1.1.1k PHP/8.0.3 Content-Length: 226 Connection: close Content-Type: text/html; charset=iso-8859-1
Bad Request
Your browser sent a request that this server could not understand.
I've tried every solutions from Cant login to my wp-admin after switching to SSL but none is working.
Is there anything I'm missing. By the way, we are using F5 to implement the SSL.
Try going to the DB and checking the wp_options table to see what the site URL is. Change it to HTTPS and try?
Wanted to access a local website by
http://127.0.0.1/
http://localhost/
http://192.x.x.x/
but the only reply from any browser was:
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 03 Oct 2013 09:38:48 GMT
Connection: close
Content-Length: 315
There is nothing in the logs about what was wrong with the request
%SystemDrive%\inetpub\logs\LogFiles\W3SVC3
%SystemDrive%\inetpub\logs\FailedReqLogFiles
To solve the problem and access the website added 'localhost', 127... in IIS bindings for this website. Pages are served using these local Urls.
Requests arrived to IIS since as soon as defined the bindings requests are served.
My question: Is there a log or way to trace what was happening with the request before defined localhost binding in IIS? What is returning the 404?
You need to enable failed request tracing on the server and on the site and add a tracing rule to capture 404 requests. That will tell you exactly what the issues is
We have a web-based application that uses Response.Redirect
e.g. Response.Redirect("http://app_domain.com/userhome.aspx")
to redirect the web-browser to an appropriate home page right after form-based authentication. This works fine when the client and server are on the same network.
We have a use-case where this application needs to be accessed externally via a reverse proxy (we're using EZProxy). So the web-browser connects to the reverse proxy and the reverse proxy connects to the application server. In this case, the reverse proxy re-writes all requests and responses. The URL in the web-browser's address bar is something like http://app_domain.com.reverseproxy.com/. The user is able to browser to the sign-in page, put in the credentials and click the sign-in button. However, it seems that the Response.Redirect right after successful sign-in breaks the flow by redirecting the browser to http://app_domain.com/userhome.aspx. The browser cannot connect to this domain directly because it is behind a firewall.
This question is similar to Response.Redirect in ASP.NET AJAX calls. However I see that question doesn't have a satisfactory answer.
Is it possible to use relative paths like
Request.Redirect("~/Userhome.aspx")
or does that get resolved on the server-side before passing to the browser?
The desired outcome would be a redirection mechanism that would take into account the domain / url present in the web-browsers address bar.
Using fiddler, this is what I see. That last redirect is not reverse-proxy friendly.
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/plain; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: .ASPXAUTH=BE3D7796245FEEA18FF92C9BD4B3F68F08C9E22CA209A139FBDC45BD6633788E6E68EE30F2BAE7EB223CA8F492FA93DFE7AB2723A848C6E75DF87B613075AF418D517921E81B2741224D702B9; path=/; HttpOnly
Set-Cookie: .ASPXAUTH=693B8AC69ABB53F7468466C6D10C9BF5BAFB860F76FC557E3DAD9C733223957E3A46FF8E21E6822CD5420F1724C61809DC83FDE7C8E3DF9D4E972E61F7DDEE05C61E8D8AA97107B5B68412AFC347; path=/; HttpOnly
X-Powered-By: ASP.NET
Date: Fri, 15 Jun 2012 20:41:32 GMT
Content-Length: 64
46|pageRedirect||http://app_domain.com/UserHome.aspx|
I have a file proxy IHttpHandler to ensure authentication and to log requests. It works fine on the development server and IIS 6. In IIS 7, I have two problems:
Microsoft Office (Word, Excel...) sends WebDAV requests with OPTION and PROPFIND verbs. ASP.NET throws an exception since it doesn't support them. Is there any way to disable these verbs at the IIS level so that it never reaches ASP.NET? I'm guessing it would be returning a 405 Method Not Allowed error (http://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error).
IIS 7 turns on chunked encoding. In that case the Content-Length header is not valid and apparently IIS 7 removes it: http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.4.4. However, it also removes the Content-Type header, causing the files to show up as text in the browser. So how can I stop IIS 7 from removing Content-Type, OR how do I turn off chunked encoding for this one page? Below are the response headers for you to compare.
Development server response:
HTTP/1.1 200 OK
Server: ASP.NET Development Server/9.0.0.0
Date: Thu, 23 Dec 2010 17:57:09 GMT
X-AspNet-Version: 2.0.50727
Content-Length: 68096
Content-Disposition: inline; filename=test.doc
Cache-Control: private
Last-Modified: Thu, 23 Dec 2010 09:14:18 GMT
Content-Type: application/msword
Connection: Close
IIS 7 response:
HTTP/1.1 200 OK
Cache-Control: private
Transfer-Encoding: chunked
Last-Modified: Thu, 23 Dec 2010 09:30:31 GMT
Server: Microsoft-IIS/7.5
Content-Disposition: inline; filename=test.doc
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Thu, 23 Dec 2010 17:57:59 GMT
My question on chunked encoding was inaccurate. I had made one small change on my development machine: I added Content-Length. On the development machine it didn't make a difference--it always worked. In IIS 7, adding Content-Length actually disabled chunked encoding and everything worked as expected.
For the WebDAV requests, IIS 7 doesn't send them through to ASP.NET so we're fine. The development server does, however. I saw a suggestion to add the DefaultHttpHandler to handle them, but on the development server that means the raw aspx page is served.
At random this output it occurring at the top of the page. Site is installed on a lot of servers issue only happens on one server.
HTTP/1.1 200 OK Date: Mon, 24 May 2010 04:18:30 GMT Server:
Microsoft-IIS/6.0 X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727
Cache-Control: private Content-Type: text/html; charset=utf-8
Content-Length: 39611
Use a diagnostics tool such as Fiddler to work out exactly what server its happening on, and what page is being requested, what is being responded with, etc. Then replay that request to another server. Should be able to sort out the problem from there.