I am going to upload new look of my site.my site is in ASP .NET , C#.
What i want that during my testing time the site should in Maintenance mode but i should be able to access the site.
So my question is can i have conditional app_offline.htm , so my site will be accessible from my IP and others will see app_offline page.
Please note I can change my IIS setting if required.
Sadly I dont think that is possible. App_offline.htm is a one-trick-pony and just takes the app offline.
You mention being able to amend IIS settings. Are you able to set up a second site within IIS and restrict access by IP address, therefore still having your existing site online.
Related
I have publish my website at visual studio . and i try to setup a website by IIS .
What i have done is :
I click Add New Website in ' Sites ' folder in the IIS and when i browse my physical path and pool , there is always the error saying cannot verify access to path , while my pool authentication passed .
this is my first time publishing a site , i want to host my site on localhost so whenever i type localhost it will be my site without running through visual studio . Can anyone help me with the IIS error on cannot verify acess to path ?
this is the look of my error :
I have just spent a long time trying to get to grips with this myself, and I believe I can offer an answer that may help anyone else who comes across this question in future. I think the problem stems from the terminology that is used in IIS, and the fact that you are just trying to deploy one website to localhost in order to test it.
In IIS, a 'Website' (i.e. what you are adding if you right-click Sites and then "Add Website...") is not really what you would commonly refer to as a website. It is just a folder on disk, with a URL binding. The Default Web Site, for example, has the folder \inetpub\wwwroot, and the binding "http:*:80:" which means that any http request (port 80) will go to this "Website". Your website that you have published is not what IIS refers to as a "Website".
In IIS, an individual website is called an "Application". A "Website" in IIS can hold a number of Applications, and you can add them by right-clicking the Default Web Site and choose "Add Application...".
In other words, the Default Web Site in IIS can contain many websites. For example:
http://localhost/eStellar
http://localhost/otherWebsite
http://localhost/thirdWebsite
all of which may be completely unrelated. I would say that the 3 sites above are 3 different websites, but in IIS these are three "Applications" contained within the "Default Web Site".
In IIS, each "Website" must have a unique binding. As you want your website to be accessible from
http://localhost/eStellar
(which is port 80) you should use the IIS Default Web Site, because it has the binding already to port 80 and you cannot create another "Website" in IIS with that same binding.
So right-click on the Default Web Site, and choose "Add Application...". In the dialog box that appears, the Alias is the name that you want to use in the URL after localhost, so in your case this is "eStellar". The Application Pool can be anything, but just choose the DefaultAppPool for now (the choice of Application Pool is another issue entirely). In the Physical Path, enter the place where you published the website to (i.e. what you have in the Physical Path box in the image in your question).
I also get the same "Cannot verify access to path" warning that you show in your image, but this does not affect my ability to access the page at
http://localhost/eStellar
It appears to be saying that it "cannot verify" whether you have access, not that it definitely cannot access the site. This warning was a bit of a red herring for me, as it actually has nothing to do with why I could not set up the site with the same method as you state in your question.
Hopefully now you can access your site at localhost.
These are the steps that need to be done on IIS 7
Right click your default website
Click on add application.
a dialogue will appear you need to give alias and folder path to your application here. along with application pool.
and you are good to go.
Regarding your error, give your login user rights, And if you are using connect as provide the user name and password of your machine to see if your test is successful.
I have an ASP.NET application which I am testing on the ASP.NET Development server. The application is meant to download a file from an intranet sharepoint site. I am using WebClient.DownloadFile() for this purpose. But I am getting the following exception-
"The remote server returned an error: (401) Unauthorized."
The account with which I am logged into Windows while running the application has access to the resource which I want to download.
I tried ro run the application on IIS 7.5 as well, giving the application pool the required identity to download the file. But still got the same error.
Any idea what exactly is the problem and how to overcome it? Thanks in advance!
It's a problem with double hop delegation. Look at this: http://weblogs.asp.net/owscott/archive/2008/08/22/iis-windows-authentication-and-the-double-hop-issue.aspx
Assuming normal Windows (NTLM) authentication on SharePoint site.
Most likley you are hitting by design behavior "double hop delegation" sometimes called "one hop NTLM hell" - credentials passed from client (browser) to server (your ASP.Net application) can't be used outside of the box. As result your ASP.Net application autorizes as more or less anonymous user and can't authorize on SharePoint site.
Common way to solve it - have some sort of trusted account and run your site's code under that account. Than when accessing the site you run code under process' account (not impersonating the user). You'll need to review code to have reasonable security measures as bugs will allow anyone use your site to access SharePoint/other resources under that special account.
Problem got resolved by setting UseDefaultCredentials property of the WebClient to true
This is a Kerberos issue, as Kirill mentioned. Before you start setting SPNs and the like, please follow the advice on this link first.
I recently had a frustrating week of trying to get Kerberos to work on a locked down domain and at the end of it all I found all I had to do was set useAppPoolCredentials to true.
If that doesn't help, this link provided quite useful to me as well.
Good luck!
I have got a website, which i want to be opened from some specified IP addresses.
I know how to get ip address in asp.net, but i dont want this check to be perform on page init or in masterpage for again and again.
is it possible to do some settings in web.config or do some stuff with global.asax. so we can control that website to be opened from some specified ip address only and we need not to write the check for this again and again.
i am using express edition of vs2008 for web development
Thanks
EDIT:
I just wants to do it by code or using web.config or global.asax. (but i dont wants to write it on page init or masterpage). is it not possible to do some stuff with application_start in global.asax and redirect user to some other url or any other such idea which can me implemented by coder not by iis settings or other settings kind of stuff?
If you don't have access to IIS, one option would be to Write a whitelist HTTPModule. Scott hanselman posted a blacklist HTTPModule on his blog. It would be quite simple to modify this to provide whitelist functionality.
You can restrict access to IPs with IIS. Depending on the version of IIS it's slightly different, but look for Directory Security and denying/granting access.
Go to inetmgr >> right click on website >> property
Another approach is through defining ipsecurity section in the web.config
http://www.iis.net/configreference/system.webserver/security/ipsecurity
note: IP and Domain Restrictions is enabled on Azure WebSites
http://azure.microsoft.com/blog/2013/12/09/ip-and-domain-restrictions-for-windows-azure-web-sites/
I finished my very first C# project in VS 2008 and it is working well now. But now I need to publish this project onto my new website. This project is a web application that interacts with my SQL Server 2008 Adventureworks database on this same computer(XP Professional OS). I am running IIS 6.0 Manager, but I am a newbie to both IIS 6.0 and VS 2008.
I began by right-clicking the application in VS and selecting "Publish", but I've just selected File System, cause choosing Local IIS forces me to enter Username and password.
The problem is that I can't open this website from IIS without it prompting me for username and password. I have modified machine.config file several times in the processModel section, by setting username="D610-M\ASPNET", password="AutoGenerate". But this makes me enter built-in password when I try to view it. And I don't know what built-in ASPNET password is. When I cancel this password popup, it returns:
HTTP 401.1 "You are not authorized to
view this page."
And I've reset the ASPNET password several times. First I tried setting it to a password I knew, then I ran the aspnet_regiis command to reinitialize it. I also tried substituting other usernames and passwords, but none of them have worked. I even tried entering "SYSTEM" for username and AutoGenerate password, but even this prompts me to enter password. I have added the ASPNET user Read/Write/List permissions to all relevant folders. And I tried to create a new website pointing to http://localhost/[AppName], but this forces me to enter password. So no getting around that password.
I have modified Properties for Default Website in IIS: Home Directory pointing to my application in VS 2008 folder and Application Protection = Low. On Directory Security tab, I set username to D610-M\IUSR_D610-M and I checked "Enable anonymous access." I unchecked the Allow IIS to control password.
And I have read alot of MS URL's and other websites to see if I could answer these problems myself, but none of their helps worked either. This should be simple. I'm just trying to add my web application to my website. I know that my website works cause I installed a default website with basic HTML and it works.
What else can I try in order to add this web app to my website?
One important limitation to remember is that you are only allowed one website on IIS6 on XP.
If you have edited your machine.config you have introduced too many new variables into the equation to properly troubleshoot the problem (not that editing machine.config in itself is harmful, but it's an indication that there's a bit of shotgun approach to the problem).
You need to start out by wiping your slate clean and making sure that you have an otherwise working system. Browsing an HTML page does not prove much as running HTML and running ASP.NET are like apples and bicycles.
The best that I know of for doing this is uninstalling and reinstalling IIS and whatever .NET framework you are on. If you are on 3.5 you should do this for both two and three point five. If you can you need to put machine.config and every version of web.config (except the one in your web app itself) back to their defaults. There is nothing there you should need to edit run an ordinary ASP.NET app.
Once you think you have a tabla rasa and can browse an html page, then change its extension to .aspx and see if you can still browse it.
My last suggestion for today is:
As a poster above said set your ACLs on the folder where your website is (typically c:\inetpub\wwwroot) so that the group "Everyone" has "Full Access". Don't leave it this way, even on your own machine, but it takes file permissions out of the equation. If you are still having problems let me know, but basically you need to start from a "known good" state if you ever hope to get this problem resolved.
I am not sure if this is it, but.... I have seen this error myself and it is usually caused by not having the ASP.NET version set to 2.0 in your Website properties under the ASP.NET tab. This setting is often defaulted to ASP.NET 1.1 which would cause this error to occur. Note, that even though you are using Visual Studio 2008 the ASP.NET Version is still needs to be 2.0 in IIS. I would double check this setting.
Usually, I recommend the initial build to be to a location in C:\ (example being C:\MyFirstApplication). You also need to make sure the "Network Service" has permissions to that folder. Placing the application in the projects (or whatever) folder in your personal documents list is asking for permissions and access issues. Try that and see if it works!
You need to set root level folder permissions on your web site. Navigate to the folder that holds your web site, right click, permissions, security tab. Make sure that you have asp.net, anonymous user, Internet Guest Account (computer\iuser_{something}) and network service in the allowed roles.
As an aside I suggest that you pre-compile your site before posting it to your web server. This is a security precaution and a performance booster. Getting into this habit will be a good thing for you in the long run. It keeps people from tweaking the code on the server. There is a good utility here to make this easier: http://www.west-wind.com/tools/aspnetcompiler.asp
I believe this is pretty much the same as the question posed by him earlier here
we developped an ASP.NET application that runs fine on our development server and in our network computers. But in production, the application works when accessing it directly from the web server but not on the clients (code behind is not executing).
Any hints?
TY
Framework is 3.5
the application works when accessing it directly from the web server but not on the clients (code behind is not executing).
This sounds like a security permissions issue.
Check to see where the website is installed. C:\inetpub\wwwroot has the proper execute permissions by default. For security reasons, many corporations like to set a policy that websites have to be installed elsewhere [1]. When setting up websites outside of the default folder, add "read & execute", "read" and "list folder contents" permissions to IIS_WPG, IWAM_server_name, IUSR_server_name and ASPNET accounts. Sometime NETWORK SERVICE needs to be added to the collection.
When you run logged in locally, the application is running with the logged in user's credentials. When hitting the website remotely, the application is trying to run with the account showned in the Authentications dialog (in IIS manager, right click the web site/application, then properties, then directory security tab, then click "edit" on the "authentication and access control" bit. Usually, "enable anonymous access" is clicked and the "user name" is IUSR_server_name.
Notes:
1 - So that when some hacker uploads malevolant code to C:\inetpub\wwwroot, the code does nothing because the websites aren't there.
hmm, "static web site" + button click = no code behind + hyperlinks
check the hyperlink paths as [Wim Hollebrandse] mentioned UNC!!
is the application correctly configured in the iis manager?
application has to be created and the .net framework has to be enabled and set to the right version.
That doesn't make any sense. Please don't tell me your clients are browsing to your website over a UNC network path/share instead of over HTTP...
Another reason could be that the clients (assuming they're on a different subnet than the working ones) end up on a different box because of some DNS or NAT issues, whilst you assume they end up on the correct server. Try connecting to the IP address instead of the DNS hostname.
Here's a list of questions that may help narrow down where the problem is:
Have you checked using Fiddler or other network tools to ensure that a request is going to the server when a button is clicked on a client's machine?
Are you sure there isn't a firewall or JavaScript issue here? If the client is using NoScript, this could cause the problem, I think.
Is the same browser being used on the server and client's computers?
Is there anything fancy about the button on the page,e.g. is an AJAX callback?