I'm working on a web application that is referenced from another, external application. The external application tries to do a POST on the vdir when opening. At this point, I get an HTTP 405 Error:
HTTP Error 405 - The HTTP verb used to access this page is not allowed.
Internet Information Services (IIS)
I checked the IIS event logs and I see that the external application tries to post, but I can't change permissions for a directory, since I need an extension.
Any ideas?
Make sure you are including the web page file name in the post URL (http://yoursite/app/Page.aspx instead of http://yoursite/app)
You may need to explicitly allow POSTs to the file type of your web page. See here for instructions of how to do it in IIS. (Those instructions are for IIS 6. For IIS 7 simply go to Handler Mappings, click Edit for the appropriate entry, click the Request Restrictions button, then go to the Verbs tab.)
Do you have a default document in the virtual directory that you are posting to? IIS will not allow POST commands to a folder, but it should still map the virtual directory to the default document. Also try removing the trailing slash.
http://forums.iis.net/t/1171316.aspx
Related
IIS 7.5 is looking for my web.config file in a mapped route and not in the actual folder location.
Example
C:\inetpub\wwwroot\api\thedoors\1 <-- is where it's looking this is not a directory but a specified url in WebApiConfig class
Where it should look is
c:\inetpub]wwwroot\thedoors\
I'm using publish from VS 2012 to publish locally to my IIS 7.5 web server.
Server Error in Application "THEDOORS"
Internet Information Services 7.5
Error Summary
HTTP Error 404.0 - Not Found
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
Detailed Error Information
ModuleIIS Web Core
NotificationMapRequestHandler
HandlerStaticFile
Error Code0x80070002
Requested URLhttp://localhost:80/api/thedoors/1
Physical PathC:\inetpub\wwwroot\TheDoors\api\thedoors\1
Logon MethodAnonymous
Logon UserAnonymous
Most likely causes:
The directory or file specified does not exist on the Web server. The URL contains a typographical error. A custom filter or module, such as URLScan, restricts access to the file.
Things you can try:
Create the content on the Web server. Review the browser URL. Create a tracing rule to track failed requests for this HTTP status code and see which module is calling SetStatus. For more information about creating a tracing rule for failed requests, click here.
Links and More Information
This error means that the file or directory does not exist on the server. Create the file or directory and try the request again.
View more information »
Benny, this is not the problem with the virtual location of your web.config file. It is telling you that something about your web.config file is not correct. It seems that it cannot find physical web.config in the location C:\inetpub\wwwroot\api\thedoors\web.config where your Web API is executing. Do you have the file in the specified location?
UPDATE: I would open IIS Managment Console and check folder mappings.
I just created a sample Web API project and published it to a local IIS, but I cannot reproduce the issue. My folder mappings seem to be OK. The folder is C:\inetpub\wwwroot\sampleapi and web.config is there.
I would like to be able to hide the existence of folders in my DotNet 2.0 website which is being hosted via IIS 7.5 that contain files that must continue to be accessible. For example, I want a person's web browser to be able to retrieve the file domain.com/css/style.css (which is needed to render the page) but if the person tries to access the URLs domain.com/css/ or domain.com/css I want them to receive a 404 error. (not a 403 error)
By default IIS 7.5 will give a 403 error which would still allow an attacker to know about the existence of the folder. I realize that an attacker could easily discover the existence of the "css" folder by visiting the site in their browser and seeing that files are being pulled from the "css" folder. That said, this is a requirement of the project that I have to comply with.
In IIS6 I used to be able to set the hidden attribute for the folder which would give me the 404 behavior I wanted, but this is no longer the case in IIS7.5. (IIS 7.5 gives a 500 error if I try to do this) IIS 7.5 is another requirement of this project. Also, in IIS6 I want able to create a wildcard mapping that would cause all requests to route through DotNet which would then allow me to create a 404, but again, this does not appear to work on IIS7.5.
I have already tried creating handlers in the web.config ( node) which works on my staging system but not on my production system. Also, this method seems like overkill because I have to create a c# handler and have a handler entry in the web.config for each folder I want to hide. I'd like a simpler solution, but also, the solution just seems to not work on my production system.
Ideally, requests to the folder that do not include the trailing forward slash should NOT cause a 301 redirect but should also cause a 404.
You could always put a handler/ASPX page as the default page for directories, and have that handler return a 404 error code.
I'm doing application testing on Windows Server 2012 to check compatibility of our web apps (in .Net 4) and am having issues loading any ASPX page. I have tried uninstalling and reinstalling all of the .Net, IIS and ASP.Net roles from Server Manager numerous times. I also found that aspnet_regiis no longer works in Server 2012, it just gives a message to use the role/feature pages instead. I'm at a loss, has anyone else tried IIS 8 yet?
I get the following message:
HTTP Error 404.3 - Not Found
The page you are requesting cannot be served because of the extension configuration. If the page is a script, add a handler. If the file should be downloaded, add a MIME map.
Most likely causes:
•It is possible that a handler mapping is missing. By default, the static file handler processes all content.
•The feature you are trying to use may not be installed.
•The appropriate MIME map is not enabled for the Web site or application. (Warning: Do not create a MIME map for content that users should not download, such as .ASPX pages or .config files.)
•If ASP.NET is not installed.
Things you can try:
•In system.webServer/handlers: ◦Ensure that the expected handler for the current page is mapped.
◦Pay extra attention to preconditions (for example, runtimeVersion, pipelineMode, bitness) and compare them to the settings for your application pool.
◦Pay extra attention to typographical errors in the expected handler line.
•Please verify that the feature you are trying to use is installed.
• Verify that the MIME map is enabled or add the MIME map for the Web site using the command-line tool appcmd.exe.
1.To set a MIME type, use the following syntax: %SystemRoot%\windows\system32\inetsrv\appcmd set config /section:staticContent /+[fileExtension='string',mimeType='string']
2.The variable fileExtension string is the file name extension and the variable mimeType string is the file type description.
3.For example, to add a MIME map for a file which has the extension ".xyz": appcmd set config /section:staticContent /+[fileExtension='.xyz',mimeType='text/plain']
Warning: Ensure that this MIME mapping is needed for your Web server before adding it to the list. Configuration files such as .CONFIG or dynamic scripting pages such as .ASP or .ASPX, should not be downloaded directly and should always be processed through a handler. Other files such as database files or those used to store configuration, like .XML or .MDF, are sometimes used to store configuration information. Determine if clients can download these file types before enabling them.
•Install ASP.NET.
•Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
Detailed Error Information:
Module
StaticFileModule
Notification
ExecuteRequestHandler
Handler
StaticFile
Error Code
0x80070032
Requested URL
http://localhost:80/login.aspx
Physical Path
C:\Inetpub\WEBSITE\login.aspx
Logon Method
Anonymous
Logon User
Anonymous
Well, after fighting this issue for the last few days I reset the VM to the base snapshot that I took immediately after finishing the OS install. I followed the exact same steps that I documented during my first runthrough to install the IIS and App Development features then installed my apps and now it works. I have no idea why or how it worked this time where it didn't before, but at least it is working now.
I'm creating my first FubuMVC application. I've got a physical folder Demo and a route that should handle the "/demo" url. For some reason, when I try to debug it in Visual Studio, it issues a permanent redirect to "/demo/", and then returns HTTP Error 404.20 - Not Found (No default document). When I route the same action to /demostuff, everything works just fine. I noticed that my application startup scripts are fired on the first request, but it's somehow not routed to Fubu's HttpHandler.
I'm using IIS Express.
Coding Platform ASP.NET 4.0 WebForms on IIS7.5
If I request a page blahblah.aspx which does not exist, I get navigated to my custom error page for Page not found Exception. I have implemented URL routing and so I have omitted all my .aspx extensions for routes.
Now, If I type www.mysite.com/blahblah (thats a url without extension) instead of going to my custom error page, it gets redirected to my IIS 404 error page.
What should I do to make my custom error page appear on my site instead of IIS error page?
The Easy Way
If your IIS 7 web server doesn't already have it, install the IIS 7.0 Administration Pack from Microsoft.
Navigate to the root web server name in IIS, and open the Configuration Editor (part of the Administration Pack). Change the dropdown to system.webServer/httpErrors, right-click on defaultPath, and choose 'defaultPath' Attribute -> Unlock Attribute.
Then try to change the custom error handler page again. Navigate to your site, open Error Pages under the IIS group, click Edit Feature Settings on the right, select Custom error pages and finally, put in your path for the default page.
No lock error this time.
I originally tried to unlock this attribute at the web site level but was prevented, so be aware you may have to go all the way to the root of the IIS tree, the web server itself.
The Manual Way
I know you can accomplish all this by direct editing in notepad of the appropriate config file on the web server. And that may be required for your particular web hosting environment or company production web server change protocols. But why make it complicated if it doesn't need to be? Plus, this way you can do it in the GUI, and compare the before and after to see what changes you truly have to make. But if you MUST do it manually, then:
Open the file %windir%\System32\inetsrv\config\applicationHost.config in Notepad. Run Notepad as administrator if you're having problems.
Pro tip: Do not use notepad++ to edit applicationHost.config. You'll end up secretly and silently saving a 32-bit copy of the file that's in a different folder than the one IIS looks in (due to Windows, not np++) without actually affecting the file you wish to change.
You'll see something like this:
<httpErrors lockAttributes="allowAbsolutePathsWhenDelegated,defaultPath">
Remove the ,defaultPath section and save.
You will be able to make the changes you need.
Assuming you haven't done this already...
Go to IIS, select your website, and choose the option "Error Pages". In there, find the 404 status code, right click and go to "Edit Feature Settings". you can then select "Custom Error pages" and change the "Path Type" to URL "Execute URL" to do some rewriting, or a default redirect page for anything else. Put in your URL as a relative value, and now it should redirect to this url on 404 errors.
Edit: Did a bit of digging, in cases, this config may be locked, if you run the following command, it should remove the lock:
%windir%\System32\inetsrv\appcmd unlock config -section:system.webserver/httperrors
Once that is done, you can edit the url properly.