IIS problem under Windows server

A lot of friends have encountered a lot of problems when using the IIS6 website. Some of these problems have been encountered in the past IIS5, some are new, and they have been busy for one afternoon and have done many experiments. Combined with the previous troubleshooting experience, I made this summary, I hope to help you:) Question 1: The parent path is not enabled Symptoms: Server.MapPath() Error ASP 0175 : 80004005 Path characters not allowed 07/09/Dqyllhsub/news/OpenDatabase.asp, line 4 does not allow characters in the Path parameter of MapPath.. Analysis of the cause: Many Web pages use statements such as ../format (that is, return to the previous page, which is the parent path), and IIS 6.0 is closed by default for security reasons. Workaround: In IIS Properties -> Home Directory -> Configuration -> Options. Put ” enable the parent path “ in front of the tick. Confirm the refresh. Question 2: ASP's Web extension is not properly configured (also for ASP.NET, CGI) Symptoms: HTTP Error 404 - File or directory not found. Reason analysis: In IIS6.0, the option of web program extension has been added. You can allow or prohibit programs such as ASP, ASP.NET, CGI, IDC, etc. By default, ASP and other programs are forbidden. Solution: Select Active Server Pages in the Web Services Extension in IIS and click <;Allow”. Problem 3: Improper authentication configuration Example of symptoms: HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration. Cause Analysis: IIS supports the following web authentication methods: Anonymous Authentication IIS creates an IUSR_ computer name account (where the computer name is the name of the server running IIS) to identify anonymous users when they request web content. verification. This account grants users local login privileges. You can reset anonymous user access to use any valid Windows account. Basic authentication Use basic authentication to restrict access to files on NTFS-formatted web servers. With basic authentication, the user must enter credentials and the access is based on the user ID. User IDs and passwords are sent in clear text between networks. Windows Integrated Authentication Windows Integrated Authentication is more secure than Basic Authentication and works well in intranet environments where users have Windows domain accounts. In integrated Windows authentication, the browser attempts to use the credentials that the current user used during the domain logon process, and if the attempt fails, the user is prompted for a username and password. If you use integrated Windows authentication, the user's password will not be transferred to the server. If the user logs in to the local computer as a domain user, he does not have to authenticate again when accessing the network computers in this domain. Digest authentication Digest authentication overcomes many of the shortcomings of basic authentication. When using digest authentication, the password is not sent in clear text. Alternatively, you can use digest authentication with a proxy server. Digest authentication uses a challenge/response mechanism (a mechanism used by integrated Windows authentication) where passwords are sent in encrypted form. .NET Passport Authentication Microsoft .NET Passport is a user authentication service that allows for single sign-in security, making it more secure for users to access .NET Passport-enabled Web sites and services. Sites with .NET Passport enabled rely on the .NET Passport central server to authenticate users. However, the hub server does not authorize or deny specific users access to individual .NET Passport-enabled sites. Workaround: Configure different authentications as needed (typically anonymous authentication, which is the authentication method used by most sites). Authentication options are configured under IIS Properties -> Security -> Authentication and Access Control