IIS7 blocks viewing access to certain folder names


I was just asked to help someone troubleshoot a site that worked fine on its previous host but didn't work on Windows Server 2008 / IIS7. None of the images on certain pages were displaying. The image path looked something like this:

 

http://www.sitename.com/subfolder/bin/file.jpg

 

The subfolder wasn't marked as an application, although that doesn't really matter. The point is that /bin/ was somewhere in the path, and it turns out that IIS7 won't serve any file with /bin/ in its path. It serves up a 404.2 error saying file or directory not found.

 

404 - File or directory not found.

The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

 

If you look in applicationHost.config you will find the following under the <requestFiltering> section:

 

 
<hiddenSegments applyToWebDAV="true">
  <add segment="web.config" />
  <add segment="bin" />
  <add segment="App_code" />
  <add segment="App_GlobalResources" />
  <add segment="App_LocalResources" />
  <add segment="App_WebReferences" />
  <add segment="App_Data" />
  <add segment="App_Browsers" />
</hiddenSegments>

 

So, IIS7 now blocks those key folders and doesn't allow them to be seen.  To the outside world, any page in any of these folders appears to not exist.

 

The easy solution is to change the folder name, but there may be times when you really do want to keep the path name, such as for SEO purposes. Not to worry, it can be changed easily enough. The setting is there on purpose, though, as it is for ASP.NET, so you usually shouldn't remove it for the whole site.

 

If it is your own server, you can use AppCmd or make the change manually in applicationHost.config or web.config. Since requestFiltering is allowed to be set at the site or folder level by default, it's probably best to put a web.config file in the folder that you want to allow, which is your only option on shared hosting.

 

To do this on a per folder level, create a web.config file in your folder and type or paste the following into it.  It should look something like this:

 

<?xml version="1.0"?>
<configuration>
  <system.webServer>
    <security>
      <requestFiltering>
        <hiddenSegments>
          <remove segment="bin" />
        </hiddenSegments>
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

If you want to make the change to your applicationHost.config file instead, you can do it by adding a location tag to the bottom of the file (well, almost the bottom - along with the other location tags) like this:

 

<location path="sitename.com/subfolder/bin/debug">
    <system.webServer>
        <security>
            <requestFiltering>
                <hiddenSegments>
                    <remove segment="bin" />
                </hiddenSegments>
            </requestFiltering>
        </security>
    </system.webServer>
</location>

 

 

To do this using AppCmd just drop to the command prompt and type the following: (Be sure to change the paths to the correct page before running this.)

 

C:\Windows\System32\inetsrv\appcmd.exe set config "sitename.com/subfolder/bin/debug" -section:system.webServer/security/requestFiltering /-hiddenSegments.[segment='bin']

 

After making this change, you will be able to view pages normally, even if they have /bin in the site path.
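To keep track of where this protection has been lifted, here is an added example (not part of the original post) that walks a site's folders and reports every web.config that removes or clears one of the default hidden segments listed above. The function names and the sample config are constructed for illustration, and the handling of `<clear />` and `<location>` scopes goes slightly beyond the single `<remove>` case shown in the post.

```python
import os
import xml.etree.ElementTree as ET

# Segments the post shows hidden by default in applicationHost.config (lower-cased).
DEFAULT_HIDDEN = {"web.config", "bin", "app_code", "app_globalresources",
                  "app_localresources", "app_webreferences", "app_data",
                  "app_browsers"}
HS_PATH = "system.webServer/security/requestFiltering/hiddenSegments"

def unhidden_segments(config_bytes):
    """Return sorted (scope, segment) pairs; scope is a <location path> or "" for the file's folder."""
    root = ET.fromstring(config_bytes)
    scopes = [("", root)] + [(loc.get("path", ""), loc) for loc in root.iter("location")]
    found = set()
    for scope, node in scopes:
        for hs in node.findall(HS_PATH):
            exposed = set()
            for child in hs:                      # order matters: clear, then add/remove
                seg = child.get("segment", "").lower()
                if child.tag == "clear":          # drops every inherited segment
                    exposed = set(DEFAULT_HIDDEN)
                elif child.tag == "remove":
                    exposed.add(seg)
                elif child.tag == "add":          # hidden again after a clear/remove
                    exposed.discard(seg)
            found.update((scope, s) for s in exposed & DEFAULT_HIDDEN)
    return sorted(found)

def audit_site(site_root):
    """Return (folder, scope, segment, site_wide); site_wide marks a removal in the root web.config."""
    report = []
    for folder, _dirs, files in os.walk(site_root):
        for name in (n for n in files if n.lower() == "web.config"):
            with open(os.path.join(folder, name), "rb") as fh:
                try:
                    hits = unhidden_segments(fh.read())
                except ET.ParseError:
                    continue                      # unparsable file: nothing to report
            rel = os.path.relpath(folder, site_root)
            report += [(rel, scope, seg, rel == "." and scope == "") for scope, seg in hits]
    return sorted(report)

# Constructed sample: the per-folder web.config from the post, on fewer lines.
SAMPLE = (b'<configuration><system.webServer><security><requestFiltering><hiddenSegments>'
          b'<remove segment="bin" /></hiddenSegments></requestFiltering></security>'
          b'</system.webServer></configuration>')

if __name__ == "__main__":
    print(unhidden_segments(SAMPLE))
```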
