I've recentley moved my entire website from the root directory into a secure folder, but when I try to access it I now get a error: Runtime Error - Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
Does anyone know what I'm doing wrong?
Set it to off to view the error (only if it's on a staging, non-production server). Remove the custom error page to see what's going on. Try and re-create the error on your dev machine first. You also have the option of logging or emailing the error stack to yourself.
Instead of moving the entire site to a "secure folder", implement some form of authentication for the pages you wish to protect.
Related
I made this website of mine but now , someone E-mailed me and reported the following error:
Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current
custom error settings for this application prevent the details of the
application error from being viewed remotely (for security reasons).
It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be
viewable on remote machines, please create a <customErrors> tag within
a "web.config" configuration file located in the root directory of the
current web application. This <customErrors> tag should then have its
"mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a
custom error page by modifying the "defaultRedirect" attribute of the
application's <customErrors> configuration tag to point to a custom
error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly"
defaultRedirect="mycustompage.htm"/>
</system.web>
I wanted to know is this dangerous for my website?Can it be used to hack my website?If yes , how?
I can't change anything because I don't have access to my website for the following 4 months.
In short: Its NOT dangerous, It does NOT give any information about the error, just that it happened. It might give some information about the type of server you have, but thats already probably in your server banner (and elsewhere). I would not worry about it.
Im working with Visual Studio 2012 Web Forms the website is starting normally when i open it from local server but when i move the files to GoDaddy hosting into httpdocs this error appears
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
Your code is throwing an exception that you can't see. Change your code to mode="Off" as the message indicates. Long term I would recommend using a logging tool like ELMAH so you can see the exceptions and give end users the friendly page. http://www.hanselman.com/blog/ELMAHErrorLoggingModulesAndHandlersForASPNETAndMVCToo.aspx
The situation is described by this question where the user updates the Web.config and he gets a weird error (completely unrelated from the real problem).
https://stackoverflow.com/a/7142817/196210
Is it possible to tell IIS to avoid creating problem when the config file is edited?
It appears that the problem is related to editing the file with VS.NET while editing it with Notepad++ works
Server Error in '/' Application
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
IIS 7.0 or later will take the settings from web.config files. If your file is not properly edited, it won't be parsed by IIS and will not work at all.
You need to either change the custom error page to view the error outside the server or loginto the server and check the error. this way you will be able to see the error and fix it.
Who can help me with this?? I don't know what the hell to do at all. From begining to end I don't even know how to create a tag or nothing. help me? asap this is how it looks:
Server Error in '/HRX' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off".
Server Error in '/HRX' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
If you have remote access to the server then try to browse the page on the server locally.
Otherwise try to set customerrors mode to "Off" and deploy it.
<customErrors mode="Off"/>
If you do either way you will hopefully see a Exception StackTrace instead. That will probably give you a better clue of what that is wrong.
In addition to what others have said, it helps to install some sort of error handling capabilities. For a nearly plug and play solution, look into ELMAH (which can be installed easily with NUGET). This keeps a database of all the unhandled exceptions in your ASP.NET site and can even email you the error details when a problem is encountered.
Also, you'll want to set up a custom error page that explains to your users an unexpected error has occurred. This looks much more professional.
NOTE
I've determined the the problem I'm describing below is specific to an error enountered loading DLL files specified in the web.config file. I would like to present a user-friendly error even in the case of web.config errors.
END NOTE
When my ASP.Net application encounters a server error I would like it to present a custom error message to the user instead of the following default scary message.
Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
I wrote a very simple HTML page and put it in the root of my application. It is called MaintenancePage.htm.
I've set my web.config file to the following:
<customErrors mode="RemoteOnly" defaultRedirect="MaintenancePage.htm">
<error statusCode="404" redirect="PageNotFound.aspx" />
</customErrors>
I've also tried ~/MaintenancePage.htm and http://[mysite]/MaintenancePage.htm. None of those options seem to work.
The way I'm testing this is to rename a DLL my project depends upon and then loading up the site in a web browser. I would expect that since there is an error and a defaultRedirect set there should be no problem showing the error page, however, I'm obviously wrong.
I've search around concerning this problem and it seem that most people are trying to redirect to an aspx page, and are encountering error with doing that. Many even report that they can't get the aspx page to load as a defaultRedirect, but they can get an html page to load.
What could I be doing wrong here?
I should note that I'm doing my testing from a different network outside the company firewall, so changing RemoteOnly to On is not the issue per the documentation. In testing changing RemoteOnly to On had no effect, as expected.
Change RemoteOnly to On.
RemoteOnly:
Specifies that custom errors are shown only to remote clients and
ASP.NET errors are shown to the local host
Also, your URL may be absolute or relative.
Read more about the customErrors settings
To watch it work locally:
<customErrors mode="On" defaultRedirect="/MaintenancePage.htm">
<error statusCode="404" redirect="/PageNotFound.aspx" />
</customErrors>
Easier way to test.
Try a bad url and watch your 404 error take over
Put this on your default.aspx page <% throw new Exception("gaah"); %>
And one other thing to consider: Error Logging. Can be achieved easily through ELMAH.