When you are checking your IIS log files you can find a field which defines the status of the request. This status can be very useful when you are trying to diagnose a problem such as a user being denied access to your site.
#Software: Microsoft Internet Information Services 5.1
#Version: 1.0
#Date: 2005-08-26 18:19:49
#Fields: date time c-ip cs-username s-sitename s-computername s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status sc-bytes cs-bytes time-taken cs-version cs-host
2005-08-26 18:19:49 127.0.0.1 - W3SVC1 CHRIS 127.0.0.1 80 GET /images/ - 302 0 285 586 62 HTTP/1.1 localhost
2005-08-26 18:19:49 127.0.0.1 - W3SVC1 CHRIS 127.0.0.1 80 GET /images/ - 403 5 334 587 16 HTTP/1.1 localhost
From the above log entries we can see we have a status of 302 (Object moved) for the first request, and a status of 403 (Forbidden) for the second request. But we do not know why the user was denied access. In this case I tried to browse an image directory and it did not have directory browsing enabled which should have logged a 403.14 error but IIS 5.1 and earlier do not support storing the sub status code.
Doing something similar with IIS 6 on Windows 2003 Server we get these log file entries.
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2005-08-26 00:03:26
#Fields: date time s-sitename s-computername s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs-version cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes
2005-08-26 18:33:30 W3SVC68783193 SBS2003 192.168.2.2 GET /images - 80 - 192.168.2.1 HTTP/1.1 301 0 0 399 432
2005-08-26 18:33:30 W3SVC68783193 SBS2003 192.168.2.2 GET /images/ - 80 - 192.168.2.1 HTTP/1.1 403 14 5 412 433
In the IIS 6 log file example above you can see that I am logging two status fields sc-status and sc-substatus
This time the first request is returning a status of 301 (Object Moved Permanently) and a sub status of 0 which is not used.
The second request returns a status of 403 (Forbidden) and a sub status of 14 (Directory Listing Denied)
1xx - Informational
These status codes indicate a provisional response. The client should be prepared to receive one or more 1xx responses before receiving a regular response.
100 - Continue.
101 - Switching protocols.
2xx - Success
This class of status codes indicates that the server successfully accepted the client request.
200 - OK. The client request has succeeded.
201 - Created.
202 - Accepted.
203 - Non-authoritative information.
204 - No content.
205 - Reset content.
206 - Partial content.
3xx - Redirection
The client browser must take more action to complete the request. For example, the browser may have to request a different page on the server or repeat the request by using a proxy server.
301 - Moved Permanently
302 - Object moved Temporarily
303 - See Other
304 - Not modified.
307 - Temporary redirect.
4xx - Client Error
An error occurs, and the client appears to be at fault. For example, the client may request a page that does not exist, or the client may not provide valid authentication information.
400 - Bad request.
401 - Access denied. IIS defines a number of different 401 errors that indicate a more specific cause of the error. These specific error codes are displayed in the browser but are not displayed in the IIS log:401.1 - Logon failed.
401.2 - Logon failed due to server configuration.
401.3 - Unauthorized due to ACL on resource.
401.4 - Authorization failed by filter.
401.5 - Authorization failed by ISAPI/CGI application.
401.7 – Access denied by URL authorization policy on the Web server. This error code is specific to IIS 6.0.403 - Forbidden. IIS defines a number of different 403 errors that indicate a more specific cause of the error:
403.1 - Execute access forbidden.
403.2 - Read access forbidden.
403.3 - Write access forbidden.
403.4 - SSL required.
403.5 - SSL 128 required.
403.6 - IP address rejected.
403.7 - Client certificate required.
403.8 - Site access denied.
403.9 - Too many users.
403.10 - Invalid configuration.
403.11 - Password change.
403.12 - Mapper denied access.
403.13 - Client certificate revoked.
403.14 - Directory listing denied.
403.15 - Client Access Licenses exceeded.
403.16 - Client certificate is untrusted or invalid.
403.17 - Client certificate has expired or is not yet valid.
403.18 - Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0.
403.19 - Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0.
403.20 - Passport logon failed. This error code is specific to IIS 6.0.404 - Not found. 404.0 - (None) – File or directory not found.
404.1 - Web site not accessible on the requested port.
404.2 - Web service extension lockdown policy prevents this request.
404.3 - MIME map policy prevents this request.
404.4 - No Handler (IIS 7)
404.5 - Request Filtering: URL Sequence Denied (IIS 7)
404.6 - Request Filtering: Verb denied (IIS 7)
404.7 - Request Filtering: File extension denied (IIS 7)
404.8 - Request Filtering: Denied by hidden namespace (IIS 7)
404.9 - Denied since hidden file attribute has been set (IIS 7)
404.10 - Request Filtering: Denied because request header is too long (IIS 7)
404.11- Request Filtering: Denied because URL doubled escaping (IIS 7)
404.12 - Request Filtering: Denied because of high bit characters (IIS 7)
404.13 - Request Filtering: Denied because content length too large (IIS 7)
404.14 - Request Filtering: Denied because URL too long (IIS 7)
404.15- Request Filtering: Denied because query string too long (IIS 7)405 - HTTP verb used to access this page is not allowed (method not allowed.)
406 - Client browser does not accept the MIME type of the requested page.
407 - Proxy authentication required.
412 - Precondition failed.
413 – Request entity too large.
414 - Request-URI too long.
415 – Unsupported media type.
416 – Requested range not satisfiable.
417 – Execution failed.
423 – Locked error.
5xx - Server Error
The server cannot complete the request because it encounters an error.
500.12 - Application is busy restarting on the Web server.
500.13 - Web server is too busy.
500.15 - Direct requests for Global.asa are not allowed.
500.16 – UNC authorization credentials incorrect. This error code is specific to IIS 6.0.
500.18 – URL authorization store cannot be opened. This error code is specific to IIS 6.0.
500.100 - Internal ASP error.
501 - Header values specify a configuration that is not implemented.
502 - Web server received an invalid response while acting as a gateway or proxy.
503 - Service unavailable. This error code is specific to IIS 6.0.502.1 - CGI application timeout.
502.2 - Error in CGI application.
504 - Gateway timeout.
505 - HTTP version not supported.
No comments:
Post a Comment