A lot of friends have encountered a lot of problems when using IIS6 website, and some of these problems have been encountered in IIS5 in the past, some are new, and they have been busy for one afternoon. I have done a lot of experiments, combined with the previous troubleshooting experience, made this summary, I hope to help you.
Problem 1: Parent path not enabled
Examples of symptoms:
Server.MapPath() Error 'ASP 0175 : 80004005'
Path characters not allowed
/0709/dqyllhsub/news/OpenDatabase.asp, line 4
Characters are not allowed in MapPath's Path parameter' ..'.
Reason analysis:
Many web pages use statements such as ../format (ie return to the previous page, which is the parent path), while IIS6.0 is for security reasons. This option is turned off by default.
Solution:
In the Properties -> Home Directory -> Configuration -> option in IIS. Put a check mark in front of "Enable Parent Path". Confirm the refresh.
Question 2: ASP's Web extension is not properly configured (also for ASP.NET, CGI)
Examples of symptoms:
HTTP error 404 - File or directory not found.
Reason analysis:
Added the option of web program extension in IIS6.0, you can allow or prohibit programs such as ASP, ASP.NET, CGI, IDC, etc. by default. Programs such as ASP are forbidden.
Solution:
Select Active Server Pages in the Web Service Extension in IIS and click "Allow".
Question 3: Improper authentication configuration
Examples of symptoms:
HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration.
Cause Analysis: IIS supports the following web authentication methods:
Anonymous Authentication
IIS creates the IUSR_ computer name account (where the computer name is the name of the server running IIS), To authenticate anonymous users when they request web content. This account grants users local login privileges. You can reset anonymous user access to use any valid Windows account.
Basic Authentication
Use Basic Authentication to restrict access to files on NTFS-formatted web servers. With basic authentication, the user must enter credentials and the access is based on the user ID. User IDs and passwords are sent in clear text between networks.
Windows Integrated Authentication
Windows Integrated Authentication is more secure than Basic Authentication and works well in intranet environments where users have Windows domain accounts. In integrated Windows authentication, the browser attempts to use the credentials that the current user used during the domain logon process, and if the attempt fails, the user is prompted for a username and password. If you use integrated Windows authentication, the user's password will not be transferred to the server. If the user logs in to the local computer as a domain user, he does not have to authenticate again when accessing the network computers in this domain.
Digest Authentication
Digest authentication overcomes many of the shortcomings of basic authentication. When using digest authentication, the password is not sent in clear text. Alternatively, you can use digest authentication with a proxy server. Digest authentication uses a challenge/response mechanism (a mechanism used by integrated Windows authentication) where passwords are sent in encrypted form.
.NET Passport Authentication
Microsoft .NET Passport is a user authentication service that allows for single sign-on security, making it more secure for users to access .NET Passport-enabled Web sites and services. Sites with .NET Passport enabled rely on the .NET Passport central server to authenticate users. However, the hub server does not authorize or deny specific users access to individual .NET Passport-enabled sites.
Solution:
Configure different authentications as needed (generally anonymous authentication, which is the authentication method used by most sites). Authentication options are configured under IIS Properties -> Security -> Authentication and Access Control.
Problem 4: Improper IP restriction configuration
Example of symptom:
HTTP error 403.6 - Forbidden access: The IP address of the client is rejected.
Reason Analysis:
IIS provides an IP restriction mechanism, you can configure to restrict certain IPs from accessing the site, or restrict only certain IPs to access the site, and if the client is being If you block the IP range, or are outside the range you allow, an error message will appear.
Solution:
Enter IIS Properties -> Security -> IP Address and Domain Name Restrictions. If you want to restrict access to certain IP addresses, you need to select authorized access, click Add to select the IP address that is not allowed. Otherwise, only certain IP addresses can be accessed.
Question 5: IUSR account is disabled
Example of symptom:
HTTP error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Analysis of the cause:
Since the account used for anonymous access by the user is the IUSR_ machine name, if this account is disabled, the user will be inaccessible.
Solution:
Control Panel -> Administrative Tools -> Computer Management -> Local Users and Groups, enable the IUSR_ machine name account.
Problem 6: NTFS permissions are not set properly
Symptoms:
HTTP Error 401.3 - Unauthorized: Access is denied due to ACL settings for the requested resource.
Cause Analysis:
The user of the Web client belongs to the user group. Therefore, if the file has insufficient NTFS permissions (for example, no read permission), the page will be inaccessible.
Solution:
Enter the security tab of the folder, configure user permissions, at least read permissions. The NTFS permission settings are no longer described here.
& lt; & lt; Previous] [authentication misallocation Next [IWAM account does not Synchronization]>>
This article is copyrighted by ZDNet China and is strictly prohibited without permission.
About asp 404 error, I still can't do after it is enabled, will asp extend?.. - dayafterday
Question 7: IWAM account is not synchronized
Examples of symptoms: < BR> HTTP 500 - Internal Server Error
Cause Analysis:
The IWAM account is a built-in account automatically created by the system when IIS is installed. After the IWAM account is established, it is used by the Active Directory, IIS metabase database and COM+ application. The account password is saved by the three parties, and the operating system is responsible for the synchronization of the IWAM passwords saved by the three parties. The system's password synchronization work for IWAM accounts sometimes fails, resulting in inconsistent passwords for IWAM accounts.
Workaround:
If there is AD, select Start -> Programs -> Administrative Tools -> Active Directory Users and Computers. Set a password for the IWAM account.
Run c:\\Inetpub\\AdminScripts>adsutil SET w3svc/WAMUserPass + password to synchronize IIS metabase database password
Run cscript c:\\inetpub\\adminscripts\\synciwam.vbs -v Synchronize IWAM account password in COM+ application
Problem 8: MIME setup issues cause some types of files to fail to download (ISO as an example)
Examples of symptoms:
HTTP Error 404 - File or directory not found.
Cause Analysis:
IIS 6.0 canceled support for certain MIME types, such as ISO, causing client download errors.
Solution:
Properties in IIS -> HTTP Header -> MIME Type -> New. In the subsequent dialog, the extension is filled in with .ISO and the MIME type is application.
In addition, firewall blocking, ODBC configuration errors, Web server performance limitations, thread restrictions and other factors are also possible reasons for the IIS server can not be accessed, here is no longer one by one. I hope this post can solve most of your questions :)
Extrapolated SCSI card after processing good example: Just arrived at the customer, it is the custo
from basic prevention, effective protection of backup Today, the protection of important data is ge
Todays servers pseudo-static life and death cant be loaded, and many reasons cant
Today installed IIS FTP on Windows 2003 Server, the server opened Windows Firewall, added an excepti
Server log cleanup and IIS log cleanup
Teach you how to add pseudo-static under nginx
Improve network service security Anonymous FTP security settings
How to install a configuration firewall on Win2000
Analysis: How to choose servers for SMEs
How to improve RAID 5 data recovery success rate
The difference between hot standby and RADE
How to disable IE browser in Win10 system?
What can I do if I can't wake up after Win7 sleep?
Microsoft warns: Do not try to install Win10 before July 29th
Win10 hidden retail demo mode cheats
Disable balloon tips on the Start menu in Vista
Win10 big benefits: built-in Cortana Microsoft Xiaona and Xiao Bing
Really cool. Netizens witnessed watching the movie while installing Win7
Reasons for the excessive temperature of Win7 graphics card and countermeasures
Close Win10 window Snap function tips
Win10 system operation tips 1 minute experience windows10 fresh sense