Home/ Questions/Q 3782006
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-19T11:01:20+00:00

I’m developing a Web application and running it using IIS. My application is a

  • 0

I’m developing a Web application and running it using IIS. My application is a file server. I need to visualize files in the web browser and I have some troubles viewing some files or directories.

For example, I’m not able to view files with .cs extension or the content of directories called bin. The Web server returns a 404 for those URLs:

Server Error

HTTP Error 404 - File or directory not found.

Description: The resource you are looking for might have been removed, 
had its name changed, or is temporarily unavailable.

Server Version Information: Internet Information Services 7.0.

I guess that this is a kind of protection that IIS has. My questions are:

  1. Do you know why IIS is filtering those files?
  2. Do you know how to configure IIS to allow retrieving those URLS?

And the most important question for me:

  • I need to deploy my Web application for many costumers, so I would like to configure it programatically. Do you know if it can be configured in the Web application, instead the IIS properly? In other case, how could I configure it with a script or similar?
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Well,

    Finally I had to change the IIS settings, allowing to override the requestFiltering: 

    In file %systemroot%\System32\inetsrv\config\applicationHost.config change:
<section name="requestFiltering" overrideModeDefault="Allow" />

    And then I used the following configuration in my Web.config:
    Note that now all the files in the Web server are unprotected. You need to setup your rules in order to protect your bin directory, and also your code files, or whatever you want.

      <system.webServer>
    <security>
      <!-- Very important, the IIS configuration must have the 
           overrideModeDefault to allow in the file  
           %systemroot%\System32\inetsrv\config\applicationHost.config -->
      <!-- section name="requestFiltering" overrideModeDefault="Allow" /> -->
      <requestFiltering>
        <fileExtensions allowUnlisted="true">
          <remove fileExtension=".asa" />
          <remove fileExtension=".asax" />
          <remove fileExtension=".ascx" />
          <remove fileExtension=".master" />
          <remove fileExtension=".skin" />
          <remove fileExtension=".browser" />
          <remove fileExtension=".sitemap" />
          <remove fileExtension=".config" />
          <remove fileExtension=".cs" />
          <remove fileExtension=".csproj" />
          <remove fileExtension=".vb" />
          <remove fileExtension=".vbproj" />
          <remove fileExtension=".webinfo" />
          <remove fileExtension=".licx" />
          <remove fileExtension=".resx" />
          <remove fileExtension=".resources" />
          <remove fileExtension=".mdb" />
          <remove fileExtension=".vjsproj"  />
          <remove fileExtension=".java" />
          <remove fileExtension=".jsl"  />
          <remove fileExtension=".ldb" />
          <remove fileExtension=".dsdgm" />
          <remove fileExtension=".ssdgm" />
          <remove fileExtension=".lsad" />
          <remove fileExtension=".ssmap" />
          <remove fileExtension=".cd" />
          <remove fileExtension=".dsprototype" />
          <remove fileExtension=".lsaprototype" />
          <remove fileExtension=".sdm" />
          <remove fileExtension=".sdmDocument" />
          <remove fileExtension=".mdf" />
          <remove fileExtension=".ldf" />
          <remove fileExtension=".ad" />
          <remove fileExtension=".dd" />
          <remove fileExtension=".ldd" />
          <remove fileExtension=".sd" />
          <remove fileExtension=".adprototype" />
          <remove fileExtension=".lddprototype" />
          <remove fileExtension=".exclude" />
          <remove fileExtension=".refresh" />
          <remove fileExtension=".compiled" />
          <remove fileExtension=".msgx" />
          <remove fileExtension=".vsdisco" />
        </fileExtensions>
        <hiddenSegments>
          <remove segment="web.config" />
          <remove segment="bin" />
          <remove segment="App_code" />
          <remove segment="App_GlobalResources" />
          <remove segment="App_LocalResources" />
          <remove segment="App_WebReferences" />
          <remove segment="App_Data" />
          <remove segment="App_Browsers" />
        </hiddenSegments>        
      </requestFiltering>
    </security>
    ...
 </system.webServer>
    • 0