HTTP Error 404-the file or directory does not find HTTP Error 401.2-unauthorized: access is denied due to server configuration.
Problem 1: parent path not enabled
Symptom example:
Server. mappath () Error 'asp 0175: 66661'
The path character is not allowed.
/0709/dqyllhsub/news/opendatabase. asp, row 4
The character '...' is not allowed in the path parameter of mappath '..'.
Cause analysis:
In many web pages, such .. /format Statement (that is, return to the previous page, that is, the parent path), and iis6.0 is disabled by default for security considerations.
Solution:
In IIS, choose Properties> Home directory> Configuration> options. Check "enable parent path. Confirm refresh.
Question 2: Improper web Extension Configuration of ASP (also applicable to ASP. NET and CGI)
Symptom example:
HTTP Error 404-file or directory not found.
Cause analysis:
In iis6.0, the web program extension option is added, in which you can.. net, CGI, IDC, and other programs are allowed or prohibited. By default, ASP and other programs are prohibited.
Solution:
Select Active Server Pages in the Web service extension in IIS and click "allow ".
Problem 3: Incorrect Identity Authentication Configuration
Symptom example:
HTTP Error 401.2-unauthorized: access is denied due to server configuration.
Cause Analysis: IIS supports the following Web authentication methods:
Anonymous Authentication
IIS creates an IUSR _ computer name account (where the computer name is the name of the server running IIS) to authenticate anonymous users when they request web content. This account grants the User Local logon permission. You can reset anonymous user access to any valid Windows account.
Basic Authentication
You can use basic authentication to restrict access to files on an NTFS-format web server. To use basic authentication, you must enter creden。 and access is based on the user ID. Both the user ID and password are sent between networks in plain text.
Windows integrated Authentication
Windows Integrated Identity Authentication is safer than basic identity authentication, and plays a role well in the Intranet environment where the user has a Windows domain account. In integrated Windows authentication, the browser attempts to use the creden used by the current user during domain login. If the attempt fails, the browser prompts the user to enter the user name and password. If you use integrated Windows authentication, your password will not be transferred to the server. If the user logs on to the local computer as a domain user, the user does not have to perform authentication again when accessing the network computer in this domain.
Digest Authentication
Abstract identity verification overcomes many disadvantages of basic identity authentication. When digest authentication is used, the password is not sent in plain text. In addition, you can use digest authentication on the proxy server. Digest authentication uses a challenge/response mechanism (integrated with the mechanism used for Windows Authentication), where the password is sent encrypted.
. NET Passport Authentication
Microsoft. NET Passport is a user authentication service that allows a single security check-in, making it safer for users to access. NET Passport-enabled web sites and services. Websites with. NET Passport enabled perform identity authentication on the central server of *. NET Passport. However, the central server does not authorize or deny specific users access to sites with. NET Passport enabled.
Solution:
Configure different identity authentication as needed (generally anonymous identity authentication, which is used by most sites ). The authentication option is configured under Properties> Security> authentication and access control of IIS.
Problem 4: Improper IP address restriction Configuration
Symptom example:
HTTP Error 403.6-Access prohibited: the client's IP address is denied.
Cause analysis:
IIS provides an IP address restriction mechanism. You can configure it to restrict a certain zhangp from accessing the site, or restrict that only some IP addresses can access the site, if the client is within the IP address range blocked by you, or is not within the permitted range, an error message is displayed.
Solution:
Go to IIS Properties> Security> IP address and domain name restrictions. If you want to restrict access from some IP addresses, You need to select authorized access. Click Add to select an IP address that is not allowed. Otherwise, only access from some IP addresses is allowed.
Question 5: the IUSR account is disabled
Symptom example:
HTTP Error 401.1-unauthorized: access is denied due to invalid creden.
Cause analysis:
Because the account used for anonymous access is the IUSR _ machine name, if this account is disabled, the user cannot access it.
Solution:
Control Panel-> Administrative Tools-> Computer Management-> local users and groups, enable IUSR _ machine name account.
Question 6: Improper NTFS permission settings
Symptom example:
HTTP Error 401.3-unauthorized: access to requested resources is denied due to ACL settings.
Cause analysis:
The Web Client user belongs to the user group. Therefore, if the NTFS permission of the file is insufficient (for example, the file has no read permission), the page cannot be accessed.
Solution:
Go to the Security tab of the folder and configure user permissions. At least read permissions are required. The NTFS permission settings are not described here.
Problem 7: the IWAM account is not synchronized
Symptom example:
HTTP 500-Internal Server Error
Cause analysis:
The IWAM account is a built-in account automatically created when IIS is installed. After the IWAM account is created, it is used by the Active Directory, IIS metabase database, and COM + applications. The account and password are respectively saved by the three parties, the operating system is responsible for synchronizing the IWAM password stored by the three parties. The system sometimes fails to synchronize the password of the IWAM account, resulting in inconsistent passwords used by the IWAM account.
Solution:
If ad exists, choose Start> program> Administrative Tools> Active Directory user and computer. Set a password for the IWAM account.
Run C: // inetpub // adminscripts> adsutil set w3svc/wamuserpass + password to synchronize IIS metabase Database Password
Run cscript C: // inetpub // adminscripts // synciwam. vbs-V to synchronize the password of the IWAM account in the COM + application
Problem 8: MIME settings make some types of files unable to be downloaded (take ISO as an example)
Symptom example:
HTTP Error 404-file or directory not found.
Cause analysis:
Iis6.0 canceled support for some MIME types, such as ISO, resulting in client download errors.
Solution:
In IIS, choose Properties> HTTP header> MIME type> New. In the subsequent dialog box, enter. ISO for the extension, and the MIME type is application.
In addition, factors such as firewall blocking, ODBC configuration errors, web server performance restrictions, and thread restrictions are also possible causes for IIS server access failure. Here we will not repeat them one by one.