Iis ошибка 403

Fixes an issue in which you receive an "HTTP 403 (Forbidden)" error when a client HTTPS request is sent to a Web application or Web service in IIS 7.5 or IIS 8.0. This issue occurs when the host Web application or Web service accepts self-signed certificates for validation.

Symptoms

Consider the following scenario:

  • You install a custom certificate validation module in Internet Information Services (IIS) 7.5 or IIS 8.0.

  • You host a Web application or Web service that accepts a self-signed certificate for validation in IIS.

  • An HTTPS request that uses a self-signed certificate from a client computer is sent to the Web application or Web service.

In this scenario, the client computer may receive an «HTTP 403 (Forbidden)» error message.

Cause

This issue occurs because IIS rejects the self-signed certificate before it reaches the custom certificate validation module.

Note This issue typically occurs when you use a large-sized certificate.

Resolution

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a «Hotfix Download Available» section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft website:

http://support.microsoft.com/contactus/?ws=supportNote The «Hotfix Download Available» form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

For IIS 7.5

To apply this hotfix, you must have IIS 7.5 installed on a computer that is running one of the following operating systems:

  • Windows 7

  • Windows 7 Service Pack 1 (SP1)

  • Windows Server 2008 R2

  • Windows Server 2008 R2 Service Pack 1 (SP1)

For IIS 8.0

To apply this hotfix, you must have IIS 8.0 installed on a computer that is running one of the following operating systems:

  • Windows 8

  • Windows Server 2012

Restart requirement

You must restart the computer if IIS is running when you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The global version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

For all supported x86-based versions of Windows 7

File name

File version

File size

Date

Time

Platform

Hwebcore.dll

7.5.7600.17133

12,800

1-Oct-12

15:48

x86

Iiscore.dll

7.5.7600.17133

197,632

1-Oct-12

16:49

x86

W3dt.dll

7.5.7600.17133

24,064

1-Oct-12

15:49

x86

Hwebcore.dll

7.5.7600.21333

12,800

29-Sep-12

15:44

x86

Iiscore.dll

7.5.7600.21333

200,192

29-Sep-12

16:44

x86

W3dt.dll

7.5.7600.21333

24,064

29-Sep-12

15:44

x86

Hwebcore.dll

7.5.7601.17963

12,800

1-Oct-12

15:41

x86

Iiscore.dll

7.5.7601.17963

198,144

1-Oct-12

16:40

x86

W3dt.dll

7.5.7601.17963

24,064

1-Oct-12

15:41

x86

Hwebcore.dll

7.5.7601.22123

12,800

29-Sep-12

15:29

x86

Iiscore.dll

7.5.7601.22123

200,192

29-Sep-12

16:28

x86

W3dt.dll

7.5.7601.22123

24,064

29-Sep-12

15:29

x86
For all supported x64-based versions of Windows 7 and of Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Hwebcore.dll

7.5.7600.17133

15,360

1-Oct-12

17:46

x64

Iiscore.dll

7.5.7600.17133

313,856

1-Oct-12

17:46

x64

W3dt.dll

7.5.7600.17133

31,744

1-Oct-12

17:52

x64

Hwebcore.dll

7.5.7600.21333

15,360

29-Sep-12

17:25

x64

Iiscore.dll

7.5.7600.21333

314,880

29-Sep-12

17:26

x64

W3dt.dll

7.5.7600.21333

31,744

29-Sep-12

17:31

x64

Hwebcore.dll

7.5.7601.17963

15,360

1-Oct-12

17:37

x64

Iiscore.dll

7.5.7601.17963

300,544

1-Oct-12

17:37

x64

W3dt.dll

7.5.7601.17963

32,256

1-Oct-12

17:41

x64

Hwebcore.dll

7.5.7601.22123

15,360

29-Sep-12

17:40

x64

Iiscore.dll

7.5.7601.22123

315,392

29-Sep-12

17:40

x64

W3dt.dll

7.5.7601.22123

32,256

29-Sep-12

17:45

x64
For all supported IA-64-based versions of Windows Server 2008 R2

File name

File version

File size

Date

Time

Platform

Hwebcore.dll

7.5.7600.17133

37,376

1-Oct-12

16:34

IA-64

Iiscore.dll

7.5.7600.17133

573,952

1-Oct-12

16:34

IA-64

W3dt.dll

7.5.7600.17133

52,736

1-Oct-12

16:42

IA-64

Hwebcore.dll

7.5.7600.21333

37,376

29-Sep-12

16:27

IA-64

Iiscore.dll

7.5.7600.21333

581,632

29-Sep-12

16:27

IA-64

W3dt.dll

7.5.7600.21333

52,736

29-Sep-12

16:33

IA-64

Hwebcore.dll

7.5.7601.17963

37,376

1-Oct-12

16:26

IA-64

Iiscore.dll

7.5.7601.17963

575,488

1-Oct-12

16:27

IA-64

W3dt.dll

7.5.7601.17963

52,736

1-Oct-12

16:32

IA-64

Hwebcore.dll

7.5.7601.22123

37,376

29-Sep-12

16:34

IA-64

Iiscore.dll

7.5.7601.22123

582,144

29-Sep-12

16:34

IA-64

W3dt.dll

7.5.7601.22123

52,736

29-Sep-12

16:40

IA-64

For all supported x86-based versions of Windows 8

File name

File version

File size

Date

Time

Platform

Hwebcore.dll

8.0.9200.16432

14,336

10-Oct-12

6:30

x86

Iiscore.dll

8.0.9200.16432

206,336

10-Oct-12

6:30

x86

W3dt.dll

8.0.9200.16432

25,600

10-Oct-12

6:31

x86

Hwebcore.dll

8.0.9200.20533

14,336

10-Oct-12

6:43

x86

Iiscore.dll

8.0.9200.20533

206,336

10-Oct-12

6:43

x86

W3dt.dll

8.0.9200.20533

25,600

10-Oct-12

6:44

x86

For all supported x64-based versions of Windows 8 and Windows Server 2012

File name

File version

File size

Date

Time

Platform

Hwebcore.dll

8.0.9200.16432

16,896

10-Oct-12

7:04

x64

Iiscore.dll

8.0.9200.16432

318,976

10-Oct-12

7:04

x64

W3dt.dll

8.0.9200.16432

39,424

10-Oct-12

7:04

x64

Hwebcore.dll

8.0.9200.20533

16,896

10-Oct-12

7:16

x64

Iiscore.dll

8.0.9200.20533

318,976

10-Oct-12

7:16

x64

W3dt.dll

8.0.9200.20533

39,424

10-Oct-12

7:17

x64

Additional file information

Additional file information for Windows 7 and for Windows Server 2008 R2
Additional files for all supported x86-based versions of Windows 7

File name

Update.mum

File version

Not Applicable

File size

3,288

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

X86_16c40cfb0553320201a9516c6b418272_31bf3856ad364e35_6.1.7600.21333_none_3b02ff940e9924f8.manifest

File version

Not Applicable

File size

705

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

X86_8da928bef21d8d7808ef7aeee6926905_31bf3856ad364e35_6.1.7600.17133_none_b71a709d2b21533e.manifest

File version

Not Applicable

File size

705

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

X86_a87e19d1cafed07c5acee30208af93ed_31bf3856ad364e35_6.1.7601.17963_none_d04b1d36617df4a1.manifest

File version

Not Applicable

File size

705

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

X86_fc9390e976c9cb57127ea968d51bf044_31bf3856ad364e35_6.1.7601.22123_none_4b2ad2f1b7b1c5b3.manifest

File version

Not Applicable

File size

705

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

X86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.17133_none_cfb452be8a71b37e.manifest

File version

Not Applicable

File size

10,228

Date (UTC)

01-Oct-2012

Time (UTC)

17:17

Platform

Not Applicable

File name

X86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.21333_none_d03df16fa38f506f.manifest

File version

Not Applicable

File size

10,228

Date (UTC)

29-Sep-2012

Time (UTC)

17:59

Platform

Not Applicable

File name

X86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.17963_none_d17a69c487b03d22.manifest

File version

Not Applicable

File size

10,228

Date (UTC)

01-Oct-2012

Time (UTC)

17:12

Platform

Not Applicable

File name

X86_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.22123_none_d22f1e61a0ada06a.manifest

File version

Not Applicable

File size

10,228

Date (UTC)

29-Sep-2012

Time (UTC)

17:00

Platform

Not Applicable
Additional files for all supported x64-based versions of Windows 7 and of Windows Server 2008 R2

File name

Amd64_23731bd974f6f71be47385b3ce6428c4_31bf3856ad364e35_6.1.7601.22123_none_2f15b44cbd2130f6.manifest

File version

Not Applicable

File size

1,060

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Amd64_2d402ef2a908f8d2dd9149fef64e9d7f_31bf3856ad364e35_6.1.7600.17133_none_ea36ea0312480248.manifest

File version

Not Applicable

File size

1,060

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Amd64_982a1283a7dd3d9cb66618d57bacb301_31bf3856ad364e35_6.1.7600.21333_none_611fb332d1497b7f.manifest

File version

Not Applicable

File size

1,060

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Amd64_affff66f55ebbdac34ba581047a3e6c5_31bf3856ad364e35_6.1.7601.17963_none_be03a951bbb6a048.manifest

File version

Not Applicable

File size

1,060

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Amd64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.17133_none_2bd2ee4242cf24b4.manifest

File version

Not Applicable

File size

10,236

Date (UTC)

01-Oct-2012

Time (UTC)

18:21

Platform

Not Applicable

File name

Amd64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.21333_none_2c5c8cf35becc1a5.manifest

File version

Not Applicable

File size

10,236

Date (UTC)

29-Sep-2012

Time (UTC)

18:19

Platform

Not Applicable

File name

Amd64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.17963_none_2d990548400dae58.manifest

File version

Not Applicable

File size

10,236

Date (UTC)

01-Oct-2012

Time (UTC)

18:12

Platform

Not Applicable

File name

Amd64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.22123_none_2e4db9e5590b11a0.manifest

File version

Not Applicable

File size

10,236

Date (UTC)

29-Sep-2012

Time (UTC)

19:31

Platform

Not Applicable

File name

Update.mum

File version

Not Applicable

File size

3,730

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.17133_none_36279894772fe6af.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

01-Oct-2012

Time (UTC)

17:12

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.21333_none_36b13745904d83a0.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

29-Sep-2012

Time (UTC)

17:39

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.17963_none_37edaf9a746e7053.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

01-Oct-2012

Time (UTC)

17:02

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.22123_none_38a264378d6bd39b.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

29-Sep-2012

Time (UTC)

16:51

Platform

Not Applicable
Additional files for all supported IA-64-based versions of Windows Server 2008 R2

File name

Ia64_1074944af042233d291c06ae87d5da96_31bf3856ad364e35_6.1.7600.21333_none_f1d0abb33360f082.manifest

File version

Not Applicable

File size

1,058

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Ia64_3cec6372575677350d80d0484a517a42_31bf3856ad364e35_6.1.7601.22123_none_9c65dd544ce59db8.manifest

File version

Not Applicable

File size

1,058

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Ia64_4e46467001f9bbc9a1b1021f2412719c_31bf3856ad364e35_6.1.7600.17133_none_7929f499de85fe73.manifest

File version

Not Applicable

File size

1,058

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Ia64_d4cd0910ca58c25cae574dee7d1a40db_31bf3856ad364e35_6.1.7601.17963_none_e7fc40f34257475e.manifest

File version

Not Applicable

File size

1,058

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Ia64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.17133_none_cfb5f6b48a6fbc7a.manifest

File version

Not Applicable

File size

10,232

Date (UTC)

01-Oct-2012

Time (UTC)

18:21

Platform

Not Applicable

File name

Ia64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.21333_none_d03f9565a38d596b.manifest

File version

Not Applicable

File size

10,232

Date (UTC)

29-Sep-2012

Time (UTC)

18:14

Platform

Not Applicable

File name

Ia64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.17963_none_d17c0dba87ae461e.manifest

File version

Not Applicable

File size

10,232

Date (UTC)

01-Oct-2012

Time (UTC)

18:04

Platform

Not Applicable

File name

Ia64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.22123_none_d230c257a0aba966.manifest

File version

Not Applicable

File size

10,232

Date (UTC)

29-Sep-2012

Time (UTC)

18:01

Platform

Not Applicable

File name

Update.mum

File version

Not Applicable

File size

2,767

Date (UTC)

03-Oct-2012

Time (UTC)

02:41

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.17133_none_36279894772fe6af.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

01-Oct-2012

Time (UTC)

17:12

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7600.21333_none_36b13745904d83a0.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

29-Sep-2012

Time (UTC)

17:39

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.17963_none_37edaf9a746e7053.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

01-Oct-2012

Time (UTC)

17:02

Platform

Not Applicable

File name

Wow64_microsoft-windows-iis-corewebengine_31bf3856ad364e35_6.1.7601.22123_none_38a264378d6bd39b.manifest

File version

Not Applicable

File size

7,906

Date (UTC)

29-Sep-2012

Time (UTC)

16:51

Platform

Not Applicable

Additional file information for Windows 8 and for Windows Server 2012

Additional files for all supported x86-based versions of Windows 8

File name

Update.mum

File version

Not Applicable

File size

9,754

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

X86_4978043d61b62004a9b13cbedcc2fcf8_31bf3856ad364e35_6.2.9200.20533_none_9efdefd0e29e04e8.manifest

File version

Not Applicable

File size

713

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

X86_e4fe4ecc114aff2eb4e4f8ba36be28bc_31bf3856ad364e35_6.2.9200.16432_none_49d4369afa4d17b2.manifest

File version

Not Applicable

File size

713

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

X86_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.16432_none_91e34806f72d77d7.manifest

File version

Not Applicable

File size

7,009

Date (UTC)

10-Oct-2012

Time (UTC)

07:08

Platform

Not Applicable

File name

X86_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.20533_none_926de51c104a30f8.manifest

File version

Not Applicable

File size

7,009

Date (UTC)

10-Oct-2012

Time (UTC)

07:02

Platform

Not Applicable

Additional files for all supported x64-based versions of Windows 8 and Windows Server 2012

File name

Amd64_0d7b7b13c4ccaa9328dc3d656803b709_31bf3856ad364e35_6.2.9200.20533_none_e44fda31bb7ae092.manifest

File version

Not Applicable

File size

717

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_5245a835d2d7883ac02b3b738786c95c_31bf3856ad364e35_6.2.9200.20533_none_6194969d0222004c.manifest

File version

Not Applicable

File size

1,076

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_594e1a8371390587ef4028be853c0905_31bf3856ad364e35_6.2.9200.20533_none_27cde5e99d34a22e.manifest

File version

Not Applicable

File size

717

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_5bd42036805b1558492bc7f078c9b6f3_31bf3856ad364e35_6.2.9200.16432_none_732a9afa7814feaf.manifest

File version

Not Applicable

File size

717

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_72b6ee3537aeeac0253aebea11ef31e1_31bf3856ad364e35_6.2.9200.16432_none_27aa684ff9899a9b.manifest

File version

Not Applicable

File size

1,076

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_97eb1eee693dfa251c0bdbf55a6238a1_31bf3856ad364e35_6.2.9200.16432_none_8433fa2e93feb217.manifest

File version

Not Applicable

File size

717

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Amd64_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.16432_none_ee01e38aaf8ae90d.manifest

File version

Not Applicable

File size

7,015

Date (UTC)

10-Oct-2012

Time (UTC)

09:04

Platform

Not Applicable

File name

Amd64_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.20533_none_ee8c809fc8a7a22e.manifest

File version

Not Applicable

File size

7,015

Date (UTC)

10-Oct-2012

Time (UTC)

09:29

Platform

Not Applicable

File name

Update.mum

File version

Not Applicable

File size

10,048

Date (UTC)

10-Oct-2012

Time (UTC)

21:18

Platform

Not Applicable

File name

Wow64_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.16432_none_f8568ddce3ebab08.manifest

File version

Not Applicable

File size

6,086

Date (UTC)

10-Oct-2012

Time (UTC)

07:02

Platform

Not Applicable

File name

Wow64_microsoft-windows-i..rewebenginebinaries_31bf3856ad364e35_6.2.9200.20533_none_f8e12af1fd086429.manifest

File version

Not Applicable

File size

6,086

Date (UTC)

10-Oct-2012

Time (UTC)

08:07

Platform

Not Applicable

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the «Applies to» section.

Источник

In a previous post, you learned how to troubleshoot 401 – Unauthorized: Access is denied due to invalid credentials. In this post, we will cover how to troubleshoot HTTP Error 403.14 – Forbidden in Internet Information Services (IIS).

Contents

  1. HTTP Error 403.14 – Forbidden
  2. Cause of error
  3. Resolving the error
    • Directory browsing is not enabled
    • Enable directory browsing using the IIS Manager
    • Default document is not configured
    • ASP.NET is not installed on the server
  4. Common 403 substatus codes
  5. Conclusion
  • Author
  • Recent Posts

Surender Kumar has more than twelve years of experience in server and network administration. His fields of interest are Windows Servers, Active Directory, PowerShell, web servers, networking, Linux, virtualization, and penetration testing. He loves writing for his blog.

Latest posts by Surender Kumar (see all)

  • Extending LVM space in Ubuntu — Thu, Feb 2 2023
  • Backup in Proxmox VE — Thu, Jan 26 2023
  • Snapshots in Proxmox VE — Wed, Jan 25 2023

HTTP Error 403.14 – Forbidden

HTTP Error 403.14 Forbidden

HTTP Error 403.14 Forbidden

The HTTP Error 403.14 – Forbidden is displayed when you try to access a website hosted on IIS having detailed errors enabled. As you can see in the screenshot, the error page says The Web server is configured to not list the contents of this directory and also indicates the most likely causes of this error.

If the detailed errors are not enabled, you will see a custom error page with a generic message: 403 –Forbidden: Access is denied.

403 Forbidden Access is denied

403 Forbidden Access is denied

Cause of error

As indicated by the detailed error page, there are three likely causes of this error:

  1. Directory browsing is not enabled—Directory browsing is the ability of a web server to list the contents of the website’s root directory in a web browser. The following screenshot shows what a website looks like when directory browsing is enabled:

What a website looks like in a browser when directory browsing is enabled

What a website looks like in a browser when directory browsing is enabled

As you can see in the screenshot, directory browsing enables visitors to view files and browse through the directories. The chances are pretty slim that you want your website to look like this.

  1. Default document is not configured—The default document is a file that is served by the web server when the client does not specify a particular file in a uniform resource locator (URL). By default, web server software recognizes file names such as default.htm, default.html, default.aspx, index.html, index.htm, etc. The following screenshot shows a list of default documents supported by IIS:

Viewing the default document for a website in the IIS Manager

Viewing the default document for a website in the IIS Manager

To add a custom default document (e.g., awesomehome.html), click Add and then type the name of the default document. You could even change the order of documents by selecting one and then clicking the Move Up or Move Down options in the Actions pane on the right.

  1. The ASP.NET feature is not installed on the server—The default documents, such as aspx and index.html, only work with websites that use traditional frameworks. With modern frameworks and programming technologies such as MVC, the default pages are defined and handled right inside the application code by the developers. So, if your website is using MVC or a similar technology, you need to install the ASP.NET feature on the server. See how to install ASP.NET on the web server.

Resolving the error

We covered the possible causes of this error in the previous section. Now, depending on your scenario, you could try the following steps to fix this error:

Directory browsing is not enabled

If you know that your website should list the contents of the root directory so that visitors can browse the files and folders, you need to enable the Directory Browsing option, using either the IIS Manager or the web.config file.

Enable directory browsing using the IIS Manager

Open the IIS Manager, select your website, and then double-click the Directory Browsing option under IIS in Feature view.

Viewing the directory browsing feature in the IIS Manager

Viewing the directory browsing feature in the IIS Manager

Now click Enable in the Actions pane on the right.

Enabling directory browsing using IIS manager

Enabling directory browsing using IIS manager

Enable directory browsing using the web.config file

If you’re using a shared hosting server, you could enable directory browsing using the web.config file itself:

Open the web.config file and paste the following code between the <system.webServer> and </system.webServer> tags:

<directoryBrowse enabled="true" />

Enable directory browsing using the web.config file

Enable directory browsing using the web.config file

Default document is not configured

If your website uses a traditional framework and you see a file with a name such as default.aspx, index.html, or index.php in the website’s root directory, make sure the same filename is also available in the list of default documents. You could even ask the developer about the name of the default document for your website. For instance, I know that my website is supposed to use home.html as the default document. Therefore, I will add it either using the IIS Manager or the web.config file. See the following screenshots for reference:

Adding a default document for the website using the IIS Manager

Adding a default document for the website using the IIS Manager

Adding a default document to a website using the web.config file

Adding a default document to a website using the web.config file

ASP.NET is not installed on the server

If neither of the above solutions works, it is likely that your website is using MVC or a similar technology that requires the ASP.NET development feature on the server, and it is not currently installed. This error is common when you try to host an MVC website on a web server for the first time. To install ASP.NET, use the following PowerShell command:

Install-WindowsFeature Web-Asp-Net45 -IncludeAllSubFeature

This command installs ASP.NET 4.5 or higher on the web server, and your MVC website will start working.

If your website is supposed to use a legacy version of ASP.NET (e.g., 3.5 or below), use the following command instead:

Install-WindowsFeature Web-Asp-Net -IncludeAllSubFeature

Installing ASP.NET on a web server using PowerShell

Installing ASP.NET on a web server using PowerShell

Common 403 substatus codes

The following table covers some common HTTP 403 substatus codes, along with their possible causes and troubleshooting advice:

Subscribe to 4sysops newsletter!

Status Code Possible Cause Troubleshooting Advice
403.1 Execute access is forbidden This error indicates that the appropriate level of the execute permission is not granted. To resolve this error, make sure the application pool identity has the execute permission.
403.2 Read access is forbidden This error indicates that the appropriate level of the read permission is not granted. To resolve this error, make sure the application pool identity has the read permission.
403.3 Write access is forbidden This error indicates that the appropriate level of the write permission is not granted. To resolve this error, make sure the application pool identity has the write permission.
403.4 An SSL connection is required This error indicates that the request was made over a nonsecure HTTP channel but the web application is configured to require an SSL connection.
403.13 The client certificate has been revoked This error indicates that the client browser tried to use a certificate that was revoked by issuing certificate authority.
403.14 The directory listing is denied We covered how to fix this error above.

Conclusion

The key to troubleshooting any IIS-related error is to enable the detailed errors. When the detailed errors aren’t helpful in revealing the actual HTTP status and substatus codes, you could use Failed Request Tracing to understand what’s going on with the HTTP request. I hope you find this post helpful.

Источник

I’m developing an ASP MVC web project. Now I have a requirement which forces me to deploy to an IIS7 inmiddle of development (to check some features). I’m getting the above mentioned error message whenever I try to type the URL of the web site. (Note: development machine: Vista Home Premium, IIS7)

What I have done until now:

Edited the HOSTS file (C:WINDOWSsystem32driversetchosts).

Put two domains in it (127.0.0.1 domain1.com & 127.0.0.1 domain2.com).

Created a folder c:websitesdirOfApplication and deployed from within Visual Studio 8 to this folder.

In IIS7 created a new site with host name domain1.com and application folder the above.

Typing the address domain1.com in Web browser results in the above error (HTTP Error 403.14 — Forbidden — The Web server is configured to not list the contents of this directory.)

I think I’m missing something but don’t know what! Tryed to deploy the files System.Web.Mvc, System.Web.Abstraction & System.Web.Routing wit the same outcome. Whenever I try to hit F5 and run the application, it works fine!

psubsee2003's user avatar

psubsee2003

8,4938 gold badges62 silver badges79 bronze badges

asked Nov 16, 2009 at 10:53

savvas sopiadis's user avatar

savvas sopiadissavvas sopiadis

1,6842 gold badges12 silver badges11 bronze badges

1

Maybe it’s useful to someone:
After converting my app to MVC 4 with .NET framework 4.5 and installing the framework on my server with IIS 7.0 I encountered the same ‘forbidden’ error mentioned in the question. I tried all options described above to no avail, when I noticed the

<system.webServer>
 <modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>

was missing from my web.config.
After adding this, everything worked. Simple, but easy to overlook…

EDIT:

Of course the solution above will work, but it is indeed a waste of resources. I think it is better to add the routing module as pointed out by Chris Herring in the comments.

<system.webServer>
  <modules>
    <remove name="UrlRoutingModule-4.0" />
    <add name="UrlRoutingModule-4.0" type="System.Web.Routing.UrlRoutingModule" preCondition="" />
  </modules>
</system.webServer>

Community's user avatar

answered Jun 14, 2012 at 8:43

Cyril Mestrom's user avatar

Cyril MestromCyril Mestrom

5,8624 gold badges19 silver badges27 bronze badges

4

Answered on SO here, question: 403 — Forbidden on basic MVC 3 deploy on iis7.5

Run aspnet_regiis -i. Often I’ve found you need to do that to get 4.0 apps to work. Open a command prompt as an Administrator (right click the command prompt icon and select Run as Administrator):

cd 
cd WindowsMicrosoft.NETFrameworkv4.xxx.xxx
aspnet_regiis -i

Once it has installed and registered, make sure you application is using an application pool that is set to .NET 4.0.

UPDATE: I just found an issue with this command. Using -i updated all application pools to ASP.NET 4.0.

Using aspnet_regiis -ir installs the version of ASP.NET but does not change any web applications to this version. You may also want to review the -iru option.

Community's user avatar

answered Jul 13, 2011 at 21:10

Brettski's user avatar

6

I too ran into this error. All the configuration and permissions were correct.
But I forgot to copy Global.asax to the server, and that’s what gave the 403 error.

answered Sep 16, 2012 at 19:59

Bogdan Litescu's user avatar

0

It’s because of being too sure about what you (me) are doing!

On my machine there is IIS 7 installed but the required ASP.NET component (Control Panel->Programs->Turn On/Off->ASP.NET) was not.

So installing this solved the problem

Greg Gum's user avatar

Greg Gum

31.6k34 gold badges151 silver badges214 bronze badges

answered Nov 16, 2009 at 12:01

savvas sopiadis's user avatar

savvas sopiadissavvas sopiadis

1,6842 gold badges12 silver badges11 bronze badges

1

I had the same issue. This Microsoft support article fixed it for me.
https://support.microsoft.com/en-us/help/2023146/mvc-2-and-asp.net-4-web-forms-applications-that-use-url-routing-might-return-http-404-errors-when-they-attempt-to-process-extensionless-urls-on-iis-7-and-iis-7.5

In the «Turn Windows Features On or Off» dialog box of the Windows Control Panel «Programs and Features» application, perform the following steps:

  1. Navigate to the following node: Internet Information Services —> World Wide Web Services —> Common HTTP Features
  2. Make sure that the «HTTP Error Redirection» option is selected.

-or-

  1. Navigate to the following node: Internet Information Services —> World Wide Web Services —> Performance Features
  2. Make sure that the «Static Content Compression» option is selected. After either option has been selected, click «OK» to save changes.

Re-enabling either the HTTP Error Redirection module or the Static Content Compression module ensures that ASP.NET and IIS correctly synchronize HTTP pipeline events. This enables the URL routing module to process extensionsless URLs.

answered Mar 28, 2011 at 12:49

Donny V.'s user avatar

Donny V.Donny V.

21.8k13 gold badges64 silver badges79 bronze badges

In my case following approach helped me out:

  1. aspnet_regiis -i in WindowsMicrosoft.NetFramework

  2. Adding modules to system.webServer

    <system.webServer>
    <modules runAllManagedModulesForAllRequests="true"/>
    ...
</system.webServer>

NathanOliver's user avatar

NathanOliver

168k28 gold badges280 silver badges387 bronze badges

answered Apr 5, 2013 at 15:30

Stefan Michev's user avatar

Stefan MichevStefan Michev

4,6563 gold badges34 silver badges30 bronze badges

1

Try to apply the following settings shown below:

1) Give the necessary permission to the IIS_IUSRS user on IIS Server (Right click on the web site then Edit Permissions > Security).

enter image description here

2) If you use .NET Framework 4, be sure that .NET Framework version is v4.0 on the Application Pool that your web site uses.

enter image description here

3) Open Commanp Prompt as administrator and run iisreset command in order to restart IIS Server.

answered Dec 28, 2016 at 14:21

Murat Yıldız's user avatar

Murat YıldızMurat Yıldız

10.9k6 gold badges62 silver badges62 bronze badges

1

Please also check, if you are running x64, that you have enabled 32-bit applications in the app pool settings

enter image description here

answered Jul 28, 2011 at 21:47

David Christiansen's user avatar

On the Uncheck «Precompile During Publishing» — I was getting the 403.14 error on a web service I had just written in VS2015 so I rewrote it in VS2013 and was getting the same error. In both cases I had «Precompile During Publishing» on. I unchecked it but was still getting the error. In my case I also had «Delete all existing files prior to publish» but was not deleting everything from the target directory on the server before copying the new published files there. If you don’t do that — a «PrecompiledApp.config» file is left behind which causes the problem. Once I deleted that file I was golden on both the VS2013 and VS2015 versions of my web service.

answered Aug 6, 2015 at 20:48

JTTx's user avatar

JTTxJTTx

572 bronze badges

I read through every answer here looking for something that worked before I realized that I’m using IIS 10 (on Windows 10 version 2004) and this question is about IIS 7 and almost a decade old.

With that said, run this from an elevated command prompt:

dism /online /enable-feature /all /featurename:IIS-ASPNET45

The /all will automatically enable the dependent parent features: IIS-ISAPIFilter, IIS-ISAPIExtensions, and IIS-NetFxExtensibility45.

After this, you’ll notice two new (in my environment at least) application pool names mentioned .NET v4.5. ASP.NET web apps that were previously using the DefaultAppPool will just work.

enter image description here

answered Dec 14, 2020 at 22:14

Jeffrey LeCours's user avatar

If the top answers don’t work, look for a config named PrecompiledApp.config in the hosting directory and delete it if it exists. This file prevents IISExpress and LocalIIS to work properly. (And I think that’s a bug) The content of the file in my case was:

<precompiledApp version="2" updatable="true"/>

And I’m 100% positive that was the problem with my case since I tried everything in 2 hours and tested lots of times with this config.

One more thing: You cannot use aspnet_regiis in newer versions of Windows and IIS so try

dism /online /enable-feature /featurename:IIS-ASPNET45 /all

answered Jan 14, 2017 at 11:37

sotn's user avatar

sotnsotn

4,2392 gold badges28 silver badges30 bronze badges

Control Panel > turn windows features on or off > Web Server > Application Development

Check ASP.NET

answered Feb 6, 2020 at 22:50

Andrew Rebane's user avatar

Please note sometimes wrong Managed pipeline mode will cause this error. There are two choices to select integrated and classic.

answered Jan 22, 2013 at 12:44

Joe.wang's user avatar

Joe.wangJoe.wang

11.3k25 gold badges102 silver badges178 bronze badges

How to Fix “HTTP Error 403.14 – Forbidden The Web server is configured to not list the contents of this directory”

This error occurs when you have MVC 2+ running hosted on IIS 7+, this is because ASP.NET 4 was not registered in IIS. In my case I was creating a MVC 3 project and hosting it on IIS 7.5.

To fix it, make sure you have MVC 2 or above and .Net Framework 4.0 installed, then run a command prompt as administrator and type the following line:

32bit (x86)

%windir%Microsoft.NETFrameworkv4.0.30319aspnet_regiis.exe -ir

64bit (x64)

%windir%Microsoft.NETFramework64v4.0.30319aspnet_regiis.exe -ir

brimble2010's user avatar

brimble2010

17.6k7 gold badges27 silver badges44 bronze badges

answered Jan 17, 2015 at 6:16

Vishal Sen's user avatar

Vishal SenVishal Sen

1,1151 gold badge13 silver badges23 bronze badges

0

Check your Global.asax file.
In my case, it was empty.

answered Dec 7, 2016 at 13:08

oyenigun's user avatar

oyenigunoyenigun

5676 silver badges15 bronze badges

I tried everything here; nothing worked. Problem was in my Web.config file, somehow dependent assembly binding got changed from minimum 1 to minimum 0.

<!-- was -->
<runtime>
    <assemblyBinding>
        <dependentAssembly>
            <assemblyIdentity name="System.Web.Mvc" />
                <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0" />


<!-- should have been -->
                <bindingRedirect oldVersion="1.0.0.0-5.2.3.0" newVersion="5.2.3.0" />

answered Apr 6, 2017 at 8:11

codeMonkey's user avatar

codeMonkeycodeMonkey

3,8622 gold badges34 silver badges49 bronze badges

NOTHING WORKED IN THE WORLD FOR ME,

I found out the problem and this might be helpful for someone,

Applicable if you are using Plesk, I just turned this thing off and everything started to work.

Yet, I do not know what is the exact issue with it.

enter image description here

answered Aug 25, 2020 at 9:47

Adel Mourad's user avatar

Adel MouradAdel Mourad

1,28816 silver badges12 bronze badges

1

I have also encountered this same error, despite all the provided solutions for the following reasons:

  • Missing DLLs
  • Database connection string points to an inaccessible server.

answered Dec 11, 2011 at 3:55

eulerfx's user avatar

eulerfxeulerfx

36.2k5 gold badges59 silver badges82 bronze badges

In my case web.config and all files except for the /bin folder were missing (not copied somehow).
Silly, but that was the last thing I have checked.

answered Sep 3, 2012 at 16:49

eitanpo's user avatar

eitanpoeitanpo

3441 silver badge10 bronze badges

I recently had this error and found that the problem was caused by the feature «HTTP Redirection» not being enabled on my Windows Server. This blog post helped me get through troubleshooting to find the answer (despite being older Windows Server versions): http://blogs.msdn.com/b/rjacobs/archive/2010/06/30/system-web-routing-routetable-not-working-with-iis.aspx for newer servers go to Computer management, then scroll down to the Web Server role and click add role services

answered Jan 28, 2013 at 14:00

Seph's user avatar

SephSeph

8,37410 gold badges61 silver badges93 bronze badges

I’m using: Win Server 2012 R2 / IIS 8.5 / MVC4 / .Net 4.5

If none of the above worked then try this:

Uncheck «Precompile during Publishing»

This kicked my butt for a few days.

answered May 7, 2015 at 17:06

D. Kermott's user avatar

D. KermottD. Kermott

1,55315 silver badges22 bronze badges

1

With ASP.NET project with C# 4.5 I’ve solved such problem by installing ASP.NET extension in Web Platform Installer

answered Jul 9, 2015 at 13:34

Kamil Gareev's user avatar

Also one more things can be possible

install .net framework 4.0 manually

This solution is for IIS7 on window 7

open cmd with administration previleges

go to directory «C:WindowsMicrosoft.NETFrameworkv4.0.30319»

type aspnet_regiis.exe -i

got to your inet manager by typing in run command «inetmgr»

refresh your IIS7

reload the site.

answered Jul 19, 2016 at 8:07

Iftikhar Ali Ansari's user avatar

I know you had this problem in an internal host, but I had experienced such an issue before in an external host and in my case it had it’s own resolution, maybe it could save somebody’s time:

In fact my website was STOPPED by some reason which currently I’m not aware of, to check it out if you have the same problem, in WebsitePanel main page go to Web -> Websites then select the domain name of your website from the list, after that in the right side of the page just opened, check if you see the word STARTED, else if you see the word STOPPED, make it get started again. That’s all.

answered Jul 22, 2017 at 12:53

Muhammad Musavi's user avatar

Muhammad MusaviMuhammad Musavi

2,3742 gold badges21 silver badges35 bronze badges

I know this is an old topic, but you can also get this error (when you are debugging) if you have a folder named the same as a route in a controller.

For instance, if you have a UserController, with a route called /User and you ALSO have a folder in your solution called «User» then IISExpress will try to browse the folder instead of showing your view.

answered May 30, 2018 at 22:55

MercifulGiraffe's user avatar

After trying every solution suggested here, I found yet another possible solution: URLScan

The IIS had WebDAV disabled, even in the web.config of my application, WebDAV’s handler and module was removed. PUTs still returned a 403 — Forbidden without any log entries in the IIS logs. (GET / POST worked fine).

Turns out the IIS had an active ISAPI Filter (the URLScan) enabled which prevented all PUTs. After removing URLScan, it worked for me.

answered Feb 7, 2019 at 13:53

Felix Beifuß's user avatar

My situation was completely different than any of these and the 403:Forbidden error message was a little bit of a red herring.

If your Application_Start() function in the Global.asax module tries to access the web.config and an entry that it’s referencing isn’t there, IIS chokes and (for some reason) throws the 403:Forbidden error message.

Double-check that you aren’t missing an entry in the web.config file that’s attempting to be accessed in your Global.asax module.

answered Sep 16, 2019 at 18:03

Jason Marsell's user avatar

Jason MarsellJason Marsell

1,7222 gold badges19 silver badges10 bronze badges

In case you’re like me and have an application using NHibernate and the above answers have not resolved your issue.

You should look at the connection string in your application; possibly in the webconfig file to ensure it is correct.

answered Sep 24, 2019 at 18:33

wale A's user avatar

wale Awale A

811 silver badge7 bronze badges

I have been using Identity Impersonate:

<system.web>
    <identity impersonate="true" userName="domainusername" password="password"/>
</system.Web>

When pushing up to the server you have to give the username access to the Temporary ASP.NET Files folder so it can read/write/execute properly:

C:WindowsMicrosoft.NET"frameworkversion""aspversion"Temporary ASP.NET Files

Obviously replace «frameworkversion» and «aspversion» with the versions you are using.

answered May 13, 2014 at 9:40

dalemac's user avatar

dalemacdalemac

3551 gold badge4 silver badges15 bronze badges

Step 1: Select the Site For which the HTTP Error is produced in IIS and then click on Directory Browsing as shown in the image below:

Step 2: In the Directory Browsing Window in IIS click on Enable in Actions on the right side as shown in the diagram below:

Now Directory Browsing is enabled for your asp.net website, just restart the web application in IIS and Browse the site in your browser and see the result.

answered Jul 30, 2014 at 21:05

user3589806's user avatar

Источник

Содержание

  1. Ошибка HTTP 403.14 — запрещено при открытии веб-страницы IIS
  2. Симптомы
  3. Решение для пользователей
  4. Решение для администраторов сайта
  5. HTTP Error 403.14 — Forbidden when you open an IIS webpage
  6. Symptoms
  7. Resolution for users
  8. Resolution for site administrators
  9. Ошибка при открытии веб-страницы IIS: 403.7 Запрещено: требуется сертификат клиента
  10. Симптомы
  11. Причина
  12. Решение
  13. Проверьте, считает ли сервер, на котором запущены службы IIS, допустимым сертификат.
  14. Установка сертификата корневого центра сертификации вручную
  15. Error when you open an IIS webpage: 403.7 Forbidden: Client certificate required
  16. Symptoms
  17. Cause
  18. Resolution
  19. Check whether the server running IIS considers the certificate valid
  20. Install the root certification authority certificate manually

Ошибка HTTP 403.14 — запрещено при открытии веб-страницы IIS

Эта статья поможет устранить ошибку «HTTP 403.14 — запрещено: веб-сервер настроен таким образом, чтобы не формировать списка содержимого каталога», которая возникает при открытии веб-страницы службы IIS (IIS).

Первоначальная версия продукта: службы IIS версии 7.0 или более поздних версий
Оригинальный номер базы знаний: 942062

  • Целевой аудиторией данной статьи являются администраторы веб-сайтов или веб-разработчики.
  • Эта статья применима только к традиционным приложениям ASP.Net Form.

Симптомы

При посещении веб-сайта, размещенного в IIS 7.0 или более поздней версии, возникает сообщение об ошибке примерно такого содержания:

Ошибка сервера в приложении «имя приложения»
Ошибка HTTP 403.14: запрещено
HRESULT: 0x00000000
Описание ошибки HRESULT: веб-сервер настроен таким образом, чтобы не формировать списка содержимого каталога.

Решение для пользователей

Если вы являетесь пользователем, вам следует связаться с администраторами веб-сайта и уведомить их о возникновении этой ошибки при переходе по данному веб-адресу.

Решение для администраторов сайта

Эта проблема возникает из-за того, что на веб-сайте не включена функция просмотра каталогов. Кроме того, документ по умолчанию не настроен. Для решения этой проблемы воспользуйтесь одним из описанных ниже способов.

Метод 1. Включение функции просмотра каталогов в IIS (рекомендуется)

Чтобы устранить эту неполадку, выполните следующие действия:

  1. Запустите диспетчер IIS. Для этого нажмите кнопку Пуск, выберите пункт Выполнить, введите команду inetmgr.exe и нажмите кнопку ОК.
  2. В диспетчере IIS последовательно разверните пункты Имя сервера, Веб-сайты, затем выберите веб-сайт, который необходимо изменить.
  3. В представлении Функции дважды щелкните пункт Просмотр каталогов.
  4. На панели Действия выберите команду Включить.

Метод 2. Добавление документа по умолчанию

Чтобы устранить эту неполадку, выполните следующие действия:

  1. Запустите диспетчер IIS. Для этого нажмите кнопку Пуск, выберите пункт Выполнить, введите команду inetmgr.exe и нажмите кнопку ОК.
  2. В диспетчере IIS последовательно разверните пункты Имя сервера, Веб-сайты, затем выберите веб-сайт, который необходимо изменить.
  3. В представлении Функции дважды щелкните пункт Документ по умолчанию.
  4. На панели Действия выберите команду Включить.
  5. В поле Имя файла введите имя документа по умолчанию и нажмите кнопку ОК.

Метод 3. Включение функции просмотра каталогов в IIS Express

Этот метод предназначен для веб-разработчиков, у которых возникает данная проблема при использовании IIS Express.

Откройте окно командной строки и перейдите в папку IIS Express на компьютере. Например, введите следующую команду в командной строке и нажмите клавишу ВВОД.

Введите следующую команду и нажмите клавишу ВВОД:

Источник

HTTP Error 403.14 — Forbidden when you open an IIS webpage

This article helps you resolve the «HTTP Error 403.14 — Forbidden — The web server is configured to not list the contents of this directory» error that occurs when you open an Internet Information Services (IIS) webpage.

Original product version: В Internet Information Services 7.0 and later versions
Original KB number: В 942062

  • The target audience for this article is website administrators and web developers.
  • This article only applies to traditional ASP.Net Form applications.

Symptoms

When you visit a website hosted on IIS 7.0 or a later version, you receive an error message that resembles the following:

Server Error in Application «application name»
HTTP Error 403.14 — Forbidden
HRESULT: 0x00000000
Description of HRESULT : The Web server is configured to not list the contents of this directory.

Resolution for users

If you’re a user, you should contact the website administrators to notify them that this error has occurred for this web address.

Resolution for site administrators

This problem occurs because the website doesn’t have the Directory Browsing feature enabled. Also, the default document isn’t configured. To resolve this problem, use one of the following methods:

Method 1: Enable the Directory Browsing feature in IIS (recommended)

To resolve this problem, follow these steps:

  1. Start IIS Manager. To do it, select Start, select Run, type inetmgr.exe, and then select OK.
  2. In IIS Manager, expand server name, expand Web sites, and then select the website that you want to change.
  3. In the Features view, double-click Directory Browsing.
  4. In the Actions pane, select Enable.

Method 2: Add a default document

To resolve this problem, follow these steps:

  1. Start IIS Manager. To do it, select Start, select Run, type inetmgr.exe, and then select OK.
  2. In IIS Manager, expand server name, expand Web sites, and then select the website that you want to change.
  3. In the Features view, double-click Default Document.
  4. In the Actions pane, select Enable.
  5. In the File Name box, type the name of the default document, and then select OK.

Method 3: Enable the Directory Browsing feature in IIS Express

This method is for the web developers who experience this issue when they use IIS Express.

Open a Command Prompt window, and navigate to the IIS Express folder on your computer. For example, type the following command at the command prompt, and then press Enter:

Type the following command, and then press Enter:

Источник

Ошибка при открытии веб-страницы IIS: 403.7 Запрещено: требуется сертификат клиента

Эта статья поможет устранить проблему, из-за которой при открытии веб-страницы служб IIS может возникнуть непредвиденная ошибка среды выполнения.

Оригинальная версия продукта: службы IIS
Исходный номер базы знаний: 186812

Целевая аудитория для этой статьи — администраторы веб-сайтов или веб-разработчики. Если вы конечный пользователь, который обнаружил эту ошибку, рекомендуется попросить администратора сайта получить инструкции по получении правильного сертификата клиента.

Симптомы

У вас есть веб-сайт, размещенный в службах IIS. При входе на веб-сайт в веб-браузере может появиться сообщение об ошибке, похожее на следующее:

Ошибка HTTP 403
403.7 Запрещено: требуется сертификат клиента

Причина

Эта ошибка возникает, когда веб-сайт запрашивает сертификат клиента, а затем клиент либо не предоставляет его, либо сертификат, предоставленный клиентским браузером, отклоняется. Сертификаты клиента — это тип SSL-сертификата, который обычно используется для идентификации пользователя или компьютера на веб-сайте.

Ниже приведено несколько возможных причин этой проблемы.

  • Корневой сертификат (сертификат центра сертификации) сертификата клиента не устанавливается на компьютере, на котором запущены службы IIS.
  • Срок действия сертификата клиента истек или срок действия не достигнут.
  • Сертификат клиента был отозван.
  • Допустимый сертификат клиента недоступен или потенциально допустимый сертификат клиента не имеет связанного закрытого ключа.

Решение

В зависимости от причины проблемы попробуйте выполнить одно из следующих действий:

  • Если у вас нет сертификата клиента для сайта и он вам нужен, обратитесь за инструкциями к администратору сайта.
  • Проверьте дату и время окончания срока действия сертификата. Если срок действия сертификата истек, обратитесь за инструкциями к администратору сайта.

Проверка подлинности на основе сертификата клиента может быть включена там, где это не требуется. Если вы хотите только требовать передачи данных по протоколу TLS/SSL, вам потребуется только сертификат сервера. Вы можете отключить проверку подлинности сертификата клиента с помощью разрешения ошибки HTTP 403.7 — Запрещено при запуске веб-приложения, размещенного на сервере, на котором запущена служба IIS 7.0.

Проверьте, считает ли сервер, на котором запущены службы IIS, допустимым сертификат.

  1. Экспортируйте сертификат в . CER-файл.
  2. Скопируйте . CER-файл на сервер, на котором запущены службы IIS.
  3. Откройте .. CER-файл на сервере, на котором запущены службы IIS.
  4. Перейдите на вкладку «Путь сертификации «. Если все сертификаты в цепочке отображаются без красного крестика, то цепочка сертификатов является доверенной компьютером. Если корневой центр сертификации имеет красный крест, перейдите к следующему набору действий.

Установка сертификата корневого центра сертификации вручную

Чтобы устранить эту проблему, установите сертификат корневого центра сертификации вручную. Выполните следующие действия.

  1. Нажмите кнопку «Пуск», выберите «Выполнить», введите mmc и нажмите кнопку «ОК».
  2. В меню «Файл » выберите » Добавить или удалить оснастку».
  3. В диалоговом окне «Добавление или удаление оснастки » выберите «Сертификаты» в разделе «Доступные оснастки«, а затем нажмите кнопку «Добавить».
  4. В оснастке «Сертификаты» выберите » Учетная запись компьютера», дважды нажмите кнопку « Готово» и нажмите кнопку » ОК».
  5. В разделе «Корень консоли» разверните раздел «Сертификаты (локальный компьютер)».
  6. Разверните доверенные корневые центры сертификации, а затем щелкните правой кнопкой мыши сертификаты.
  7. Выберите «Все задачи«, а затем выберите » Импорт. «.
  8. Нажмите кнопку «Далее», а затем перейдите к расположению, где хранится файл сертификата корневого ЦС.
  9. После выбора сертификата дважды нажмите кнопку « Далее» и нажмите кнопку «Готово».

Промежуточные сертификаты ЦС должны быть установлены в хранилище промежуточных центров сертификации, а не в хранилище доверенных корневых сертификатов. Любой сертификат центра сертификации, Issued by Issued to значения которого не совпадают (и, следовательно, сертификат не находится в верхней части иерархии), называется промежуточным ЦС.

Источник

Error when you open an IIS webpage: 403.7 Forbidden: Client certificate required

This article helps you resolve the problem where an unexpected runtime error may be thrown when you open an Internet Information Services (IIS) webpage.

Original product version: В Internet Information Services
Original KB number: В 186812

The target audience for this article is website administrators or web developers. If you are an end-user who has encountered this error, we recommend that you ask the site administrator for instructions on how to obtain the correct client certificate.

Symptoms

You have a website that is hosted on IIS. When you go to the website in a web browser, you may receive an error message that resembles the following one:

HTTP Error 403
403.7 Forbidden: Client certificate required

Cause

This error occurs when the website requests a client certificate, and then the client either doesn’t provide one or the certificate supplied by the client browser is rejected. Client certificates are a kind of Secure Sockets Layer (SSL) certificate typically used to identify a user or computer to a website.

The following are several possible causes of this problem:

  • The root certificate (certification authority certificate) of the client certificate isn’t installed on the computer that is running IIS.
  • The client certificate has expired, or the effective time hasn’t been reached.
  • The client certificate was revoked.
  • No valid client certificate is available, or a potentially valid client certificate doesn’t have an associated private key installed.

Resolution

Depending on the cause of your problem, try one of the following resolutions:

  • If you don’t have a client certificate for the site, and you need one, contact the site administrator for instructions.
  • Check the expiration date and time of the certificate. If your certificate has expired, contact the site administrator for instructions.

Client certificate authentication may be enabled where it is not required. If you intended only to require Transport Layer Security (TLS)/SSL communications, then you need only a server certificate. You can disable client certificate authentication by using the resolution in «HTTP Error 403.7 — Forbidden» error when you run a Web application that is hosted on a server that is running IIS 7.0.

Check whether the server running IIS considers the certificate valid

  1. Export the certificate to a .CER file.
  2. Copy the .CER file to the server that is running IIS.
  3. Open the .CER file on the server that is running IIS.
  4. Look at the Certification Path tab. If all certificates in the chain are displayed without a red cross, then the certificate chain is trusted by the computer. If the root certification authority has a red cross against it, continue to the next set of steps.

To resolve this issue, install the root certification authority certificate manually. Follow the following steps:

  1. Select Start, select Run, type mmc, and then select OK.
  2. On the File menu, select Add/Remove Snap-in.
  3. In the Add or Remove Snap-ins dialog box, select Certificates under Available Snap-ins, and then select Add.
  4. In the Certificates snap-in, select Computer account, select Finish twice, and then select OK.
  5. Under Console Root, expand Certificates (Local Computer).
  6. Expand Trusted Root Certification Authorities, and then right-click Certificates.
  7. Select All Tasks, and then select Import. .
  8. Select Next, and then navigate to the location where the Root CA certificate file is stored.
  9. After the certificate has been selected, select Next two times, and then select Finish.

Intermediate CA certificates should be installed in the Intermediate Certification Authorities store rather than in the Trusted Roots store. Any certification authority certificate whose Issued by and Issued to values are not the same (and therefore the certificate is not at the top of the hierarchy) is known as an Intermediate CA.

Источник

Источник

Symptoms

You can load the page just fine, but after going through the pages quickly or by opening several tabs at once, you see a 403 error:

IIS 403 Error Forbidden Access is denied

403 - Forbidden: Access is denied.

You do not have permission to view this directory or page using the credentials that you supplied.

This is a bit misleading since you might right away think that the you do not have permission to access the web page or the folder. But you know you’re authenticated because you could see the page a few seconds ago and the problem is intermittent. So why do you get 403 Forbidden: Access is denied?

What to Check

The first thing you want to check is the IIS log and look for the specific error code (403) with the timestamp when you see the 403 error. You might see something similar to the following:

2022-02-02 22:33:58 10.20.128.70 POST /ResultPage.asp - 80 - 192.168.1.25 Mozilla/4.0... https://www.itnota.com/CheckPage.asp 403 501 0 0

Open up the IIS log in a text editor and search for ” 403″ (without quotes). A leading whitespace is added to narrow down the search. You can also use regular expression to be precise but for this exercise, I think it’s an overkill.

IIS Log Search for 403 501 error in a text editor

One key thing we need to pay attention to is to check the whole error code by looking the one next to the 403 → 501. So to be exact, the error code is actually 403.501.

If you check the definition of this error here, you’ll soon find out this error has nothing to do with permission in the traditional sense of how we understand it:

403.501 - Forbidden: Too many requests from the same client IP; Dynamic IP Restriction Concurrent request rate limit reached.

This is the real issue and it’s easier to fix once we’ve figured out that we need to look at the Dynamic IP Restriction.

So now we have three options:

  1. Disable Dynamic IP Restriction.
  2. Increase the Maximum number of concurrent requests.
  3. If your connection comes from the same IP address (i.e. F5), then you can create a whitelist based on its IP address.
  4. Maybe four, as you can combine option 2 and 3 if needed.

Whether you choose option 1, 2, or 3, all the settings are in the same location in IIS.

Steps

  1. Launch IIS Manager and on the left pane window, select the site that you want to modify.

  2. In the middle window, double-click on the IP Address and Domain Restrictions.

    IIS Settings IP Address and Domain Restrictions

  3. If you want to do either option 1 or 2, click on Edit Dynamic Restriction Settings… on the right window pane.

    IIS Edit Dynamic Restriction Settings Maximum Concurrent Requests

  4. Option 1: To disable the Dynamic IP Restrction, uncheck all the checkboxes and click OK.

  5. Option 2: Modify the number in the Maximum number of concurrent requests: and still leave the Deny IP Address based on the number of concurrent requests checked. Then click OK.

  6. Option 3: You can either leave the Dynamic Restriction Settings alone, or you may combine that setting with the whitelist as well.

  7. In IP Address and Domain Restrictions window, click on Add Allow Entry… on the right window pane.

    IIS Add Allow Entry window on IP Address and Domain Restrictions settings

    Note: All your modification is saved in applicationHost.config file in the server as indicated on the bottom of the IP Address and Domain Restrictions window.

  8. Add the IP Address you want to allow entry that’s not limited by the Dynamic Restriction Settings in the Specific IP address: textbox. Or you can enter a range of IP addresses under the IP address range: textbox. Then click OK.

    IIS IP Address and Domain Restrictions - Add Allow Entry

Additional Note

As mentioned earlier, all the settings we did above is saved applicationHost.config file. The file can be found in the following directory:

%windir%system32inetsrvconfig

And all the steps above can be skipped if you edit the file using a text editor. I personally like to use GUI to prevent typos so just be aware of the risk of editing this file by hand.

  <location path="##Your-website-name-in-IIS##">
    <system.webServer>
      <asp appAllowClientDebug="true" appAllowDebugging="true" />
      <security>
        <ipSecurity>
          <add ipAddress="192.168.1.25" allowed="true" />
        </ipSecurity>
        <dynamicIpSecurity>
          <denyByConcurrentRequests maxConcurrentRequests="1" />
          <denyByRequestRate maxRequests="20" />
        </dynamicIpSecurity>
      </security>
    </system.webServer>
  </location>

That’s it.

Once you saved all the settings, the new change should take effect immediately.

Further Reading

The HTTP status code in IIS 7.0 and later versions
IIS 8.0 Dynamic IP Address Restrictions
Using Dynamic IP Restrictions
IIS Dynamic IP Restrictions whitelist

Источник
  • Remove From My Forums

  • Question

  • I am running Vista Ultimate SP2 and Visual Studio 2008.  I am getting the following error and would like to know how to fix it and how to fix it so that I am not asked for admin privilages all the time.  I am the administrator,  Here is the error I am getting:

    Server Error in Application «DEFAULT WEB SITE/BALLOONSHOP»

    Internet Information Services 7.0

    Error Summary

    HTTP Error 403.14 — Forbidden

    The Web server is configured to not list the contents of this directory.

    Detailed Error Information

    Module DirectoryListingModule
    Notification ExecuteRequestHandler
    Handler StaticFile
    Error Code 0x00000000
    Requested URL http://localhost:80/BalloonShop/
    Physical Path C:inetpubwwwrootBalloonShop
    Logon Method Anonymous
    Logon User Anonymous
    Most likely causes:

    • A default document is not configured for the requested URL, and directory browsing is not enabled on the server.
    Things you can try:

    • If you do not want to enable directory browsing, ensure that a default document is configured and that the file exists.
    • Enable directory browsing using IIS Manager.
      1. Open IIS Manager.
      2. In the Features view, double-click Directory Browsing.
      3. On the Directory Browsing page, in the Actions pane, click Enable.
    • Verify that the configuration/system.webServer/directoryBrowse@enabled attribute is set to true in the site or application configuration file.
    Links and More InformationThis error occurs when a document is not specified in the URL, no default document is specified for the Web site or application, and directory listing is not enabled for the Web site or application. This setting may be disabled on purpose to secure the contents of the server.

    View more information »

    Thank you for your assistace.

    LadyDee

Источник

Понравилась статья? Поделить с друзьями:
  • Imazing error 105
  • Imax b6ac v2 balance connect error
  • Image failed to verify with access denied что делать lenovo как исправить
  • Image error reset printer samsung scx 4650n
  • Image error reset printer samsung m2070