Hi,

One of my web applications targeting .NET 4.6.1 runs for about 36-48 hours and then I start getting the following errors:

* Unknown error "-1073741823". (System.Core)
* Exception of type 'System.Web.HttpUnhandledException' was thrown. (System.Web)

Partial Stack Trace:
System.Security.Cryptography.CryptographicException: Unknown error "-1073741823".
at System.Security.Cryptography.BCryptNative.OpenAlgorithm(String algorithm, String implementation)
at System.Security.Cryptography.BCryptAlgorithmHandleCache.GetCachedAlgorithmHandle(String algorithm, String implementation)
at System.Security.Cryptography.BCryptHashAlgorithm..ctor(CngAlgorithm algorithm, String implementation)
at System.Security.Cryptography.SHA256Cng..ctor()
at System.Web.Security.Cryptography.CryptoAlgorithms.CreateSHA256()
at System.Web.UI.EventValidationStore.Hash(String target, String argument)
at System.Web.UI.ClientScriptManager.DefaultEventValidationProvider.RegisterForEventValidation(String uniqueId, String argument)
at System.Web.UI.ClientScriptManager.RegisterForEventValidation(String uniqueId, String argument)
at System.Web.UI.WebControls.ImageButton.AddAttributesToRender(HtmlTextWriter writer)
at System.Web.UI.WebControls.WebControl.RenderBeginTag(HtmlTextWriter writer)
at System.Web.UI.WebControls.WebControl.Render(HtmlTextWriter writer)

Once I start getting those errors I lose the ability to terminal into the server, and other network services stop functioning. It seems similar to the condition described here:

https://social.msdn.microsoft.com/Forums/en-US/3d581bdb-ccaa-43c7-bbaa-ae22fce06b32/bug-in-cng-rsa-key-generation?forum=windowssdk

To mitigate for now I'm going to put the server on a nightly reboot schedule, but does anyone have any idea what could be going on here? This issue started happening about a week ago. Server is running Windows Server 2012 R2 - Version 6.3 (Build 9600), and IIS 8.

Thanks!

I have the following http->https rule

<rule name="HTTP_TO_HTTPS" enabled="true" stopProcessing="true"><match url="(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false"><add input="{HTTPS}" pattern="off" /></conditions><action type="Redirect" url="https://{HTTP_HOST}/{R:1}" 
                      redirectType="Found" /></rule>

How can I prevent this to work only for outside and not the local subnet (which is in my example 192.168.1.0/24)

I followed different tutorials and tried a lot of things, but I always get the error: 530 cannot log in home directory inaccessible.

If i change from user name directory to FTP root directory I can login and access files. I added 4 users, gave permission to these users to files but it doesn't work. 

Hi,

Is there a way in IIs to allow access only if the user is coming in with a specific URL with specific parameters?

Hello! Sorry for my English...

I have windows server with IIS 10.

My website in port 80. when i enter the server ip in the browser the website works.

Now i want to link my website to domain address.

I bought a domain address. in the domain address provider admin panel i link the domain address to my server IP address.

(Ping to the domain name does not works).

In IIS, i set biding to the domain name:

in DNS Manger i setup new forword lookup zone to my domain:

I tried to set New Host (A or AAA) and i get this error:

and this is my DNS settings:

when i try to open the domain i get error.

so... How to link my server IP address to domain?

I am creating a REST web service using the ASP.NET WEB API that generates documents. It is passed in requests that contain the document template, and in some cases a data file (other cases the data is a url or SQL connection string). So the request can be a fair amount of data (generally 2 - 20M but can be gigabytes).

The document generation can take seconds, or can take minutes. If large enough, 10 - 20 minutes.

And then it needs to return the generated document, which is usually on the order of 10 - 100M but also can be gigabytes.

First off I want to keep this service stateless (with a small exception for the async case below) and have no repository. Yes if the service goes down, any document not retreived is lost, but it can be generated again.

I want to have two modes. The first (and most used) is async where the request is made in a RESTful call with the template and data. That "job" is held in a queue and the RESTful call returns a response with a job ID (a GUID). So this call returns immediately.

The service can then be called asking both for the status of a given job, or the list of all completed jobs. There is another call to then retrieve the generated document, that will return an error if the job is not yet completed, so it always returns immediately.

And a second mode where the request is synchronous. This passes up the template & data, the document is then generated, and the response of this request is the generated document. This should run on the next available background thread.

Here's my question. To do this I need a job queue, a background worker pool, and the ability to put jobs into the background pool and on completion save off the generated document. (And there's some other details I'm sure.)

I've had some people tell me IIS can do all this. I've had others say IIS cannot do any of this and I need to create my own job queue and thread pool.

I'm looking for an authoritative answer on this. Can IIS do this? If so, how do I use this? And is there anything I need to be aware of using IIS for this?

thanks - dave

ps - I asked this on StackOverflow but all I got a general comment very dismissive of IIS (and a downvote).

Hello All;

I tried to follow the Artist here. 
Using Multiple Instances of Application Request Routing (ARR) Servers
However, I have had nothing but grief in trying to set it up.
(Read my open TA here.)

For the last year, I have run a single ARR Server for all traffic hitting 5 IIS Web Servers.
For the most part, this has worked quite well.
However, what if it hasn't always worked out as well as I think it has?
As in, what if that ARR Server got too overwhelmed and took a nap for a little while?
Well, this is what I am afraid of happening.
I would like to have more than one ARR Server to handle the requested traffic.

I found another article where this guy explains how to set it up with external websites.
That is all fine and dandy, except he does not give any information on setting it up with your own servers.
(That link is here = Setting up Multiple IIS Application Request Routing Farms on the Same Server)

Could someone please give me some information on setting up a multiple ARR Farm?
I already have both ARR Servers in NLB.
I just need to get the rest done.
(I have one 2016 Server Desktop (Main ARR), and the other(s) are/will be, Core Servers)

Thank You
Wayne

Hi Guys,

I'm looking for standard operating procedures IIS for level1 team, Example if web server 504 error what needs to be done.

my environment consists Web, App, DB(SQL) and fronted by LB(F5).

Thank you. 

I am using this as a guide to work on an IIS Rewrite Rule:
https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/creating-rewrite-rules-for-the-url-rewrite-module

This is my first rule, using the guide from the microsoft doc:

From: http://localhost/article/342/some-article-title

To: http://localhost/article.aspx?id=342&title=some-article-title

Enter into "Edit Inbound Rule"
Pattern: ^article/([0-9]+)/([_0-9a-z-]+)
Rewrite URL: article.aspx?id={R:1}&title={R:2}

Enter into "Test Pattern"
Input data to test: article/234/some-title
Pattern: ^article/([0-9]+)/([_0-9a-z-]+)
To: article.aspx?id=342&title=some-article-title

It works fine, and the test works fine too - screenshot here:

This is what the rule looks like in the web.config file:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<directoryBrowse enabled="true" />
<rewrite>
<rules>
<rule name="a">
<match url="^article/([0-9]+)/([_0-9a-z-]+)" />
<action type="Rewrite" url="article.aspx?id={R:1}&amp;title={R:2}" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

However, I want to have the rule work the other way around, so I tried the following in the rule definition:

From: http://localhost/article.aspx?id=342&title=some-article-title

To: http://localhost/article/342/some-article-title

Enter into "Edit Inbound Rule"
Pattern: ^article.aspx?id=([0-9]+)&title=([_0-9a-z-]+)
Rewrite URL: article/([0-9]+)/([_0-9a-z-]+)

Enter into "Test Pattern"
Input data to test: article.aspx?id=342&title=some-article-title
To: article/234/some-title

Unfortunately, that does not work - when I test the pattern, I get a "The input data to test does not match the pattern" response.

Screenshot of my attempt to get the rule to work the other way around:

This is what the 2nd rule looks like in the web.config file:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<directoryBrowse enabled="true" />
<rewrite>
<rules>
<rule name="a">
<match url="^article.aspx?id=([0-9]+)&amp;title=([_0-9a-z-]+)" />
<action type="Rewrite" url="article/([0-9]+)/([_0-9a-z-]+)" appendQueryString="false" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

On the 2nd rule, I have tried with and without the "Append query string" option ticked (extract above is with the option ticked).

I wondered what I might be doing wrong?

I'm fumbling my way setting up IPv6. Everything appears to be working. Now time to move on to IIS..

Using IIS7

What needs to be done to allow IPv6 to use host headers (multiple sites on a single IPv6) to resolve for both http an https?

• AAAA records are set.  
• IP listen includes ::1

Thanks!

I am learning IIS. I would like to move the C:\inetpub to D:\. D is a new hard drive. By default, the the acl for D:\ has System, Administrators, and Users.   Should I remove READ permissions from being inherited to Users?

And is it true IUSR and IIS_IUSRS are automatically part of the Users group?  I am going to run the anonymous mode as pool identity. 

Hello all, sorry for being a noob, I am very much new to IIS Reverse proxy. I am trying to set up of reverse proxy which is already implemented using nginx in Linux. I am using URL redirect ad-on and ARR. What I want to do is when someone hits the https://www.mysite.com/product1/ its should send the request to https://product1.mysite.com:8443. and if someone hits https://www.mysite.com/product2/ it should send the request tohttps://product2.mysite.com:8449 and so on and so forth. The problem I am facing is when the request reaches tohttps://product1.mysite.com:8443 using  https://www.mysite.com/product1/  and the content page is opened, whenever I try to access the content of https://product1.mysite.com:8443 using https://www.mysite.com/product1/ it gives me  HTTP Error 404.0 - Not Found, 
what my understanding is it is any relative path or for that matter, absolute paths as well need to be translated to the new URL structure. 

original web,conf file is as follows:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="^product1(.*)" />
<action type="Rewrite" url="https://product1.mysite.com:8443/{R:1}" />
</rule>
<rule name="Portainer-reverse-proxy" stopProcessing="true">
<match url="^product2(.*)" />
<action type="Rewrite" url="http://product2.mysite.com:8449/{R:1}" />
</rule>
</rules>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A, Form, Img" pattern="^/(.*)" />
<action type="Rewrite" value="/{C:1}/{R:1}" />
<conditions>
<add input="{URL}" pattern="^(product1|product2).*" />
</conditions>
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>

I have used this tutorial to configure the IIS Reverse proxy. https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing

We have two servers:

Server I: 10.0.1.3 (Debian 10 / Apache 2.4)

fqdn: music.domain.com (LAN access only)

Server II: 10.0.1.5 (Windows Server 2012 R2 / IIS 8)

Fqdn: gateway.domain.com (LAN and WAN access)

Both servers have the wildcard SSL certificate from DigiCert installed and properly configured for ssl connection over https (*.domain.com)

On server I we have a media application (Airsonic – json based )

https://music.domain.com/airsonic

From the LAN everything works flawlessly, all browsers can load Images, Frames, Scripts, Audio/Video files…

On Server II we have IIS working as a reverse proxy rule to access the Server I as follow:

<rule name="Airsonic" enabled="true" stopProcessing="true"><match url="airsonic(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="https://music.domain.com/{R:0}" /></rule>

When we try to access the https://gateway.mydomain.com/airsonic from any browser then we have the following issues:

• Failed to load resource: net::ERR_FAILED
• Uncaught (in promise) DOMException: Failed to load because no supported source was found.
• Uncaught (in promise) DOMException: The element has no supported sources.
• Cross-Origin Read Blocking (CORB) blocked cross-origin response https://music.domain.com/airsonic/login with MIME type text/html

Although we can access the application from the gateway, some frames would not load correctly, and audio and video files won't play at all!

this is our web.conf file

<?xml version="1.0" encoding="UTF-8"?><configuration><system.web><httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" /></system.web><system.webServer><httpRedirect enabled="false" destination="" childOnly="true" /><httpProtocol><customHeaders><add name="Content-Security-Policy" value="default-src https: data: 'unsafe-inline' 'unsafe-eval'" /><add name="Strict-Transport-Security" value="max-age=31536000; includeSubdomains" />				<add name="X-Frame-Options" value="SAMEORIGIN" /><add name="X-Xss-Protection" value="1;mode=block" /><remove name="X-Content-Type-Options" /><add name="X-Content-Type-Options" value="nosniff" /><add name="Access-Control-Allow-Origin" value="*" /><add name="Access-Control-Allow-Headers" value="Content-Type" /><add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" /><add name="Access-Control-Allow-Credentials" value="true" /></customHeaders></httpProtocol><httpErrors errorMode="Custom"><remove statusCode="403" /><error statusCode="403" path="https://www.domain.com/errorDocs/403" responseMode="ExecuteURL" /><remove statusCode="404" /><error statusCode="404" path="https://www.domain.com/errorDocs/404" responseMode="ExecuteURL" /><remove statusCode="500" /><error statusCode="500" path="https://www.domain.com/errorDocs/500" responseMode="ExecuteURL" /></httpErrors><rewrite><rules><clear /><rule name="https Redirect" stopProcessing="true"><match url="(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false"><add input="{HTTPS}" pattern="^OFF$" /></conditions><action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="SeeOther" /></rule><rule name="Pi-Hole" enabled="true" stopProcessing="true"><match url="admin(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.3:85/{R:0}" appendQueryString="true" /></rule><rule name="Monitorix" enabled="true" stopProcessing="true"><match url="monitorix(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.3:8181/{R:0}" appendQueryString="true" /></rule><rule name="QBTorrent" enabled="true" stopProcessing="true"><match url="qbweb/(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><serverVariables><set name="HTTP_X-Forwarded-Host" value="{HTTP_HOST}:{SERVER_PORT}" /><set name="HTTP_REFERER" value="" /><set name="HTTP_ORIGIN" value="" /></serverVariables><action type="Rewrite" url="https://10.0.1.3:8888/{R:1}" /></rule><rule name="Airsonic" enabled="true" stopProcessing="true"><match url="airsonic(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="https://music.domain.com/{R:0}" /></rule><rule name="Serviio" enabled="true" stopProcessing="true"><match url="(mediabrowser|cds)(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.7:23424/{R:0}" /></rule><rule name="WOWNAS DSI" enabled="true" stopProcessing="true"><match url="dsi/(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.8:5000/{R:1}" appendQueryString="true" /></rule></rules>  <outboundRules><rule name="Remove Server Response Header"><match serverVariable="RESPONSE_SERVER" pattern=".*" /><action type="Rewrite" value="Ups!" /></rule><rule name="Remove X-Powered-By Header"><match serverVariable="RESPONSE_X-POWERED-BY" pattern=".*" /><action type="Rewrite" value="hhhmmmm" /></rule></outboundRules></rewrite><directoryBrowse enabled="false" /></system.webServer></configuration>

We can only assume it's something to do with the configuration of IIS (reverse proxy rule), since if we bypass the gateway we have no issues playing audio/video... Our ultimate goal is to access the Airsonic Application from the WAN without connecting directly to the server I as we already configured the firewall to forward the proper ports to Server II!

How to establish trust between the content sent to and requested from between Server I and Server II that won’t fail with CORS/CORB and remain secure?

Thank you in advance for helping with this matter, and if there is a change to the rules (adding variables, adding outbound) please give us an example since we are not tech savvy around WebServer configuration

I have been trying to get this working without any luck. Hopefully this rambling makes sense to someone that has seen something like this.

I have 4 Server 2019 DC edition servers running Storage Spaces Direct. Among other plans for these servers, we wanted to host our most critical files for our operations (24x7x365 with little to not maintenance windows) to allow for patching, maintenance, and other things that could take the system offline. One of these was to host the source files for our IIS servers on the SoFS share.

So, our webservers are IIS 10 on server 2019 running PHP. If I point IIS's physical path (documet root) to a single server windows share, everything works perfectly fine. If I point it at the SoFS share, I continuously get a fastCGI timeout. Occasionally I will get the very simple "phpinfo()" page back, but more often than not, I get a timeout. The odd thing is, I do not even get to the actual timeout length before it's displayed. Static webpages display with no issues.

The share itself has not had any issues from the webservers itself in file explorer.

Last, I have gone to the command line on the webserver, executed php with a file directly on command line and it works, so that connectivity isn't the issue. I have checked the login/share permissions in IIS for physical path and app pool, as well as the caspol settings. From what I can tell, it seems to be an issue in IIS with the fastCGI, but I can't figure out what.

I tried loading the windows version of apache just to rule out an issue with the share, and it worked but for design reasons, I can't switch to apache or linux.

I did setup a shared config in IIS using the same share and it worked perfectly.

So, what am I missing?  Is there any known issues with IIS/PHP on FastCGI with SoFS that anyone knows of?

Hi,

I have a very simple rewrite rule which I have set up in an .htaccess file that works on Apache (I realise this is an IIS forum - please read one). It redirects from e.g.

• From: card.php?id=100
• To: card-100.php

This is the rule in the .htaccess file:

RewriteEngine on
RewriteRule ^card-([^/]*).php$ card.php?id=$1 [L]

I have used the import rule option in IIS, to try and recreate that same rule in IIS - I end up with this in web.config:

<?xml version="1.0" encoding="UTF-8"?><configuration><system.webServer><rewrite><rules><rule name="Imported Rule 1" stopProcessing="true"><match url="^card-([^/]*).php$" ignoreCase="false" /><action type="Rewrite" url="card.php?id={R:1}" appendQueryString="false" /></rule></rules></rewrite></system.webServer></configuration>

However, that rule does not work - I cannot, for example, type this URL in the address bar of the browser:

http://localhost/card-100.php

I get a 404 response, even though behind that it should be calling:

http://localhost/card.php?id=100

This appears in the Failed Request Trace log:

I have previously asked about how to set up a simple rule like this on these forums (https://forums.iis.net/t/1250378.aspx) but was not able to get that solved.

I just need a simple rule, so that if a user enters:

http://localhost/card-100.php

Then the page is actually calling this page in the background:

http://localhost/card.php?id=100

I have found it to be very simple to do this on Apache, but maybe due to my own limitations, I am really stuck working out how to do this on IIS.

Any advice would be much appreciated please re. how I can achieve this rewrite rule in IIS.

Thanks!

Using the WPI and selecting WordPress I was able to easily install WP, setup a basic theme, file location etc and it runs fine.

Problem is this also hosts a Visual Studio app, so when typing the server name? saw the new WP page.  Now? for WP I need to modify the Port 80 to something else... and if that is not possible?  Then how to fully delete and re-install WP so the Port can be specified? like 8080 or?

I followed some Microsoft page instructions on making the PHP config page available.  it 100% does not work.  Either 404 or Forbidden.

What is a reasonable way to change the port that the Web Platform Installer setup?  In the IIS the website is stopped.  And this is Windows Server (not win10).  It ran easily the 1st time and worked... then realize I didnt change the port.  So WordPress picked port 80, same as the visual studio app deployed on the machine.  It would be nice if they -could- co exist

We have two servers:

Server I: 10.0.1.3 (Debian 10 / Apache 2.4)

fqdn: music.domain.com (LAN access only)

Server II: 10.0.1.5 (Windows Server 2012 R2 / IIS 8)

Fqdn: gateway.domain.com (LAN and WAN access)

Both servers have the wildcard SSL certificate from DigiCert installed and properly configured for ssl connection over https (*.domain.com)

On server I we have a media application (Airsonic – json based )

https://music.domain.com/airsonic

From the LAN everything works flawlessly, all browsers can load Images, Frames, Scripts, Audio/Video files…

On Server II we have IIS working as a reverse proxy rule to access the Server I as follow:

<rule name="Airsonic" enabled="true" stopProcessing="true"><match url="airsonic(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="https://music.domain.com/{R:0}" /></rule>

When we try to access the https://gateway.mydomain.com/airsonic from any browser then we have the following issues:

• Failed to load resource: net::ERR_FAILED
• Uncaught (in promise) DOMException: Failed to load because no supported source was found.
• Uncaught (in promise) DOMException: The element has no supported sources.
• Cross-Origin Read Blocking (CORB) blocked cross-origin response https://music.domain.com/airsonic/login with MIME type text/html

Although we can access the application from the gateway, some frames would not load correctly, and audio and video files won't play at all!

this is our web.conf file

<?xml version="1.0" encoding="UTF-8"?><configuration><system.web><httpRuntime requestValidationMode="2.0" requestPathInvalidCharacters="" /></system.web><system.webServer><httpRedirect enabled="false" destination="" childOnly="true" /><httpProtocol><customHeaders><add name="Content-Security-Policy" value="default-src https: data: 'unsafe-inline' 'unsafe-eval'" /><add name="Strict-Transport-Security" value="max-age=31536000; includeSubdomains" />				<add name="X-Frame-Options" value="SAMEORIGIN" /><add name="X-Xss-Protection" value="1;mode=block" /><remove name="X-Content-Type-Options" /><add name="X-Content-Type-Options" value="nosniff" /><add name="Access-Control-Allow-Origin" value="*" /><add name="Access-Control-Allow-Headers" value="Content-Type" /><add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" /><add name="Access-Control-Allow-Credentials" value="true" /></customHeaders></httpProtocol><httpErrors errorMode="Custom"><remove statusCode="403" /><error statusCode="403" path="https://www.domain.com/errorDocs/403" responseMode="ExecuteURL" /><remove statusCode="404" /><error statusCode="404" path="https://www.domain.com/errorDocs/404" responseMode="ExecuteURL" /><remove statusCode="500" /><error statusCode="500" path="https://www.domain.com/errorDocs/500" responseMode="ExecuteURL" /></httpErrors><rewrite><rules><clear /><rule name="https Redirect" stopProcessing="true"><match url="(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false"><add input="{HTTPS}" pattern="^OFF$" /></conditions><action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="SeeOther" /></rule><rule name="Pi-Hole" enabled="true" stopProcessing="true"><match url="admin(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.3:85/{R:0}" appendQueryString="true" /></rule><rule name="Monitorix" enabled="true" stopProcessing="true"><match url="monitorix(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.3:8181/{R:0}" appendQueryString="true" /></rule><rule name="QBTorrent" enabled="true" stopProcessing="true"><match url="qbweb/(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><serverVariables><set name="HTTP_X-Forwarded-Host" value="{HTTP_HOST}:{SERVER_PORT}" /><set name="HTTP_REFERER" value="" /><set name="HTTP_ORIGIN" value="" /></serverVariables><action type="Rewrite" url="https://10.0.1.3:8888/{R:1}" /></rule><rule name="Airsonic" enabled="true" stopProcessing="true"><match url="airsonic(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="https://music.domain.com/{R:0}" /></rule><rule name="Serviio" enabled="true" stopProcessing="true"><match url="(mediabrowser|cds)(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.7:23424/{R:0}" /></rule><rule name="WOWNAS DSI" enabled="true" stopProcessing="true"><match url="dsi/(.*)" /><conditions logicalGrouping="MatchAll" trackAllCaptures="false" /><action type="Rewrite" url="http://10.0.1.8:5000/{R:1}" appendQueryString="true" /></rule></rules>  <outboundRules><rule name="Remove Server Response Header"><match serverVariable="RESPONSE_SERVER" pattern=".*" /><action type="Rewrite" value="Ups!" /></rule><rule name="Remove X-Powered-By Header"><match serverVariable="RESPONSE_X-POWERED-BY" pattern=".*" /><action type="Rewrite" value="hhhmmmm" /></rule></outboundRules></rewrite><directoryBrowse enabled="false" /></system.webServer></configuration>

We can only assume it's something to do with the configuration of IIS (reverse proxy rule), since if we bypass the gateway we have no issues playing audio/video... Our ultimate goal is to access the Airsonic Application from the WAN without connecting directly to the server I as we already configured the firewall to forward the proper ports to Server II!

How to establish trust between the content sent to and requested from between Server I and Server II that won’t fail with CORS/CORB and remain secure?

PS: We are NOT savvy in web.conf, so please give an example of how to make the rule rather than just mentioning what is supposed to be done...

Thank you in advance for helping with this matter,

Hi,

We have a web application on IIS 10, it crashes several times a day no pattern of time or related user request (sometimes there is no crash at all, also crash during the night when noboday use it),

The server version is Windows Server 2019.

I already installed a debug diag but so far was not conclusive.

I really appreciate if someone give me a direction to investigate and identify the root cause.

Best regards,

Julio

Faulting application name: w3wp.exe, version: 10.0.17763.1, time stamp: 0xcfdb13d8
Faulting module name: clr.dll, version: 4.8.4121.0, time stamp: 0x5deabd50
Exception code: 0xc00000fd
Fault offset: 0x0000000000148620
Faulting process id: 0x44cc
Faulting application start time: 0x01d611f50c5789ff
Faulting application path: c:\windows\system32\inetsrv\w3wp.exe
Faulting module path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
Report Id: cd48f061-38e8-43ce-9e92-37f4662dbbfe

Fault bucket 1977462305248139932, type 4
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: w3wp.exe
P2: 10.0.17763.1
P3: cfdb13d8
P4: clr.dll
P5: 4.8.4121.0
P6: 5deabd50
P7: c00000fd
P8: 0000000000148620
P9:
P10:

Attached files:
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER42B4.tmp.dmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER48EF.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER48FF.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER4901.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WER4912.tmp.txt

These files may be available here:
\\?\C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_w3wp.exe_b06f27f8c2b496057de924cdc4c68dbd3a96c40_98baeb8b_2d234ae2

Analysis symbol:
Rechecking for solution: 0
Report Id: 2842cc5b-de04-4d06-89ef-85078c0713a2
Report Status: 268435456
Hashed bucket: 61a08d2b902e7a93ab715b7d550a5a9c

.