Anonymous Authentication <anonymousAuthentication> / 403 - Forbidden: Access is denied

security iis windows-server-2008-r2 iis-7.5 appcmd
12,962

Replace <security> </security> in your applicationHost.config with

<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="true" />
        </authentication>
    </security>
</system.webServer>

You should be able to configure the same from IIS Manager as well using link

Share:
12,962

Related videos on Youtube

tugberk
Author by

tugberk

Updated on September 18, 2022

Comments

  • tugberk
    tugberk over 1 year

    I am using windows server 2008 R2 and IIS 7.5

    I deployed my app to that server for the first time and I got the following error;

    403 - Forbidden: Access is denied.

    You do not have permission to view this directory or page using the credentials that you supplied.

    so I make a little search on that and I figured that I should configure Anonymous Authentication <anonymousAuthentication> but I don't know how to do that. It is clearly explained on the following link but not sure if this is the right solution to my problem;

    http://www.iis.net/ConfigReference/system.webServer/security/authentication/anonymousAuthentication

    if this is the problem, I guess, I should put a similar code block as follows;

    <security> 
  <authentication>
   <anonymousAuthentication
      userName="User1"
      password="[enc:AesProvider:57686f6120447564652c2049495320526f636b73:enc]" />
   </authentication>
</security>

    if this is the case, how should I provide this code?

    should I use AppCmd.exe with powershell?

    EDIT ok, I continue to explore and new questions pops up on my head;

    1. As far as I got, I need to set machine username and password there. but what kind of user should I set there? where should user have access (which folders)?
    2. can I add that configuration inside my web.config file or should I provide this inside applicationHost.config?
  • tugberk
    tugberk almost 13 years
    then, our website will be reachable right? is there any downsides of this. I talked to our server guy and he couldn't figure out this problem either. but it looks not so much complex. am I right? thanks for the answer btw.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Upgrading IIS7 to IIS8
IIS_IUSRS group missing
Exchange 2010 - EMC and OWA non-functional after unexpected server reboot
Why is it good to have website content files on a separate drive other than system (OS) drive?
How to update IIS 6 to IIS 7.5 on Windows Server 2008 R2 Standard?
HTTPERR filling up, fast with Timer_ConnectionIdle
IIS 7.5 on Win server 2008 r2 useAppPoolCredentials
IIS 7.5 - can't configure two SSL Certificates under one IP-adress?
GZip Compression On IIS 7.5 is not working
DOS attack "slow post" : How to prevent in IIS