Wednesday, 17 April 2013

Error message when you try to browse a Web page that is hosted on IIS 7.0: "HTTP Error 404.7 – FILE_EXTENSION_DENIED"

When you try to browse a Web page that is hosted on Internet Information Services (IIS) 7.0, you receive the following error message:
Server Error in Application "<application name>"

This problem occurs because the allowUnlisted attribute is set to false. Additionally, the file name extensions of the files that you want to browse are not listed.

To resolve this problem, follow these steps:
  1. Click Start, type Notepad in the Start Search text box, right-click Notepad, and then click Run as administrator.
  2. If you are prompted for an administrator password or for a confirmation, type your password or click Continue.  On the File menu, click Open. In the File name box, type %windir%\System32\inetsrv\config\applicationHost.config, and then click Open.
  3. In the applicationHost.config file, press CTRL+F to search for the <requestFiltering> section.
  4. In the <requestFiltering> section, locate the following code:  <fileExtensions allowUnlisted="false">
  5. Replace the code that you found in step 4 with the following code:
  •  <fileExtensions allowUnlisted="true"> Note If you want to deny some specific file name extensions for security, you can explicitly add these extensions. For example, see the following code: <requestFiltering>
 <fileExtensions allowUnlisted="true">
         <add fileExtension=".asa" allowed="false" />
         <add fileExtension=".asax" allowed="false" />
         <add fileExtension=".ascx" allowed="false" />
         <add fileExtension=".master" allowed="false" />
6. On the File menu, click Save.
7. Close Notepad.
8.    Run a Web application that has a file name extension that is not listed in the child elements of the <fileExtensions> section.

No comments:

Post a Comment