Question 1: Example of the parent path symptom: server.mappath () Error / 'ASP 0175: 80004005 /' Not allowed PATH characters / 0709/dqyllhsub/news/opendatabase.asp, line 4 is not allowed in the Path parameter of MAPPATH character/'../'. Cause Analysis: Many web pages should be used, such as ../ format statements (that is, the page of the previous layer, that is, the parent path), and IIS6.0 is for security considerations, this option is closed by default. Workaround: In IIS Properties -> Home Directory -> Configuration -> Options. Took the "Enable Parent Path". Confirm the refresh. Question 2: Improper Symptoms of the ASP (ASP.NET, CGI) Symptom: HTTP Error 404 - File or Directory Not found. Cause Analysis: In IIS6.0, the WEB program extension is added, which you can allow or disabled from ASP, ASP.NET, CGI, IDC, etc., by default, ASP, etc. Workaround: Select Active Server Pages in Web Service Extensions in IIS, click "Allow". Question 3: Improper authentication configuration
Example of symptoms: HTTP error 401.2 - Unauthorized: Accessing Due to the server configuration rejected. Cause Analysis: IIS supports the following Web authentication methods: Anonymous authentication IIS Create IUSR_ Computer Name Account (where the computer name is running the name of the server), used to identify them when an anonymous user requests web content verification. This account grants the user local login permissions. You can reset anonymous users to use any valid Windows account. Basic authentication Use basic authentication to limit access to files on the NTFS format web server. With basic authentication, the user must enter credentials and access is based on user ID. The user ID and password are sent between the network in the form of a clear text. Windows Integrated Authentication Windows Integration Authentication is better than basic authentication security, and can work well in the internal network environment with the user's Windows domain account. In integrated Windows authentication, the browser attempts to use the current user's credentials used in the domain login process. If the attempt fails, you will prompt the user to enter the username and password. If you use an integrated Windows authentication, the user's password will not be transferred to the server. If the user logs in to the local computer as a domain user, he does not have to perform authentication again when accessing the network computer in this domain. Summary Authentication Summary Authentication overcomes many of the shortcomings of basic authentication. When using a summary authentication, the password is not sent in a clear manner. Alternatively, you can use a summary authentication through a proxy server. Summary Authentication Use a challenge / response mechanism (integrated with Windows authentication), where the password is sent in encryption. .NET Passport authentication Microsoft .NET Passport is a user authentication service that allows a single check in security that allows users to be more secure when accessing the .NET Passport's Web site and services. Enabled .Net Passport's site will rely on the .NET Passport central server to authenticate the user. However, the center server will not authorize or reject a specific user to access the site of the .NET Passport. Workaround: Configure different identity authentication as needed (generally anonymity authentication, this is the authentication method used by most sites). Authentication options in the properties of IIS -> Security -> Authentication and Access Control. Question 4: IP Limit Configuration Improper Symptom: HTTP Error 403.6 - Disable Access: The client's IP address is rejected. Cause Analysis: IIS provides IP-limited mechanisms, you can limit some IPs that cannot access sites, or limit only some IPs can access the site, and if the client is blocked within the IP range, or not Error prompts will occur within the range you allow. Workaround: Enter IIS's properties -> Security -> IP address and domain name limit. If you want to limit access to some IP addresses, you need to select an authorization access, and add the IP address that is not allowed. Conversely, you can only allow access to some IP addresses. Question 5: IUSR Account Disabled Symptoms: HTTP Error 401.1 - Unauthorized: Access Since the credential is invalid. Cause Analysis: Since the account used by the user anonymous access is the IUSR_ machine name, if this account is disabled, the user will cause the user to access. Workaround: Control Panel -> Administrative Tools -> Computer Management -> Local Users and Groups, enabled IUSR_ machine name accounts.
