dcxman 0 Posted January 16, 2002 I just setup a Win2K Adv Svr with IIS admin setup (done it a million times). Is there any reason why active server pages might not work? Is there an area somewhere in Adv. Server that I may have to go to in order to check if the extensions for ASP are turned on? The only thing unique about this server is that it has Cold Fusion Server Professional 4.5 running on it as well. Thanks to those is advance that can help or try to help. Been pulling out my hair on this one (what little I have of it) Share this post Link to post
CUViper 0 Posted January 16, 2002 Need more details here.... what do you mean by not working? Do you get an error message? Have you checked the error logs? Share this post Link to post
clutch 1 Posted January 16, 2002 ASP is run by an integrated compiler on the server itself, so there shouldn't be a need to turn it "on". However, there are a couple of settings in the IIS control panel that allow for script execution (defualts should be fine though). So, to repeat what was asked, what are your errors? Share this post Link to post
dcxman 0 Posted January 16, 2002 The error that came up was as follows: The page cannot be found The page you are looking for might have been removed, had its name changed, or is temporarily unavailable. -------------------------------------------------------------------------------- Please try the following: If you typed the page address in the Address bar, make sure that it is spelled correctly. Open the 142.xxx.xxx.xxx ;(xxx home page, and then look for links to the information you want. Click the Back button to try another link. Click Search to look for information on the Internet. HTTP 404 - File not found Internet Explorer END This is when I try to bring up the default.asp Share this post Link to post
dcxman 0 Posted January 16, 2002 Damn I put this it the main thread area. Sorry about Mr. Moderator. If you can please delete it from the main thread area. Thanx Sorry guys, I also forgot to mention the patches that I have installed that were from Microsoft. code red patch (q300972_w2k_sp3_x86_en.exe) IIS Lock Down for nimdA fix (IISLockD.exe) Service Pack 2 (W2KSP2.exe) I'm wondering if the IIS Lock Down would affect ASP extensions from working? Thanks again guys. Share this post Link to post
clutch 1 Posted January 16, 2002 Quote: IIS Lock Down for nimdA fix (IISLockD.exe) Yep, that can do it if you just setup the defaults. You will have this entry in your "urlscan.ini" file located at %windir%\system32\inetsrv\urlscan: Code: [AllowExtensions];; Extensions listed here are commonly used on a typical IIS server.;; Note that these entries are effective if "UseAllowExtensions=1"; is set in the [Options] section above.;.asp.htm.html.txt.jpg.jpeg.gif.css Make sure that the "Allow Extensions" option is enabled, and that ".ASP" is listed. You can also confirm that ASP files are being blocked by checking out the URLScan Log file located in that same directory. Once you amend the ini file to allow for ASP extensions, restart your IISAdmin service (which will restart several other services, depending on your configuration) and the new ini file will be loaded. Share this post Link to post
dcxman 0 Posted January 16, 2002 Thanx Clutch! I found out a bit too late using trial and error method. I did a complete format and tested ASP with each patch install and sure enough it crapped out with the IIS Lock Down. I tried looking for the "urlscan.ini" but it doesn't seem to exist. I did a complete search for it on the HDD as well without luck. Did I get the filename right? I did an "undo" with IIS Lock Down and it did not restore ASP. I re-did the IIS Lock Down and this time chose in the custom settings to not include ASP extensions but this did not work as well. I guess you're just pretty my SOL if you install IIS Lock Down period. Microsoft's beginning to really peeve me. Thanx again Clutch. Share this post Link to post
clutch 1 Posted January 16, 2002 Are you using IISLockDown v2? That's the one that installs URLScan, and hence the blocking ability. It actually works extremely well and reduces server overhead while processing annoying attacks like the ones from CodeRed/Nimda infections. Instead of handling the URL and resolving it as unavailable, the filter just drops the request and sends back a "404" while logging it. Check to see if that directory exists, and make sure that you can view all hidden and system files as well. Share this post Link to post
dcxman 0 Posted January 17, 2002 Well, to say the least, I was using IIS LockDown v.1 which was the only one available at the time nimdA attacked our area. I didn't realize that there was a version 2 out. Just came out in November from what I can see of the release date. I hit the "undo" on version 1 and then setup version 2. I chose the "Dynamic Web Server (ASP enabled)" template configuration and allowed ASP extensions through the "view settings template" option. No luck I still get the same error not allowing an ASP to come up. I went into the "urlscan.ini" to manually select the ASP configuration and changed "UseAllowExtensions=0" to "UseAllowExtensions=1" saved it and rebooted. No luck there as well. Still the same error. Whatever the first IIS LockDown v.1 did v.2 can't seem to undo it. This is a newly formatted system just bare default services and patches running. Thanx again Clutch for trying to help. Share this post Link to post
clutch 1 Posted January 17, 2002 But before you installed lockdown, it worked fine? That's weird, I have used it on 6 or 7 servers myself without any issues from normal websites (Outlook Web Access takes more fiddling). If you run it again and uninstall it, it works fine? And, do you now have a urlscan log file in the directory I mentioned earlier? Share this post Link to post