Today I was developing a little Silverlight client app and everything was working fine in Visual Studio web server. But then I deployed my app in IIS and everytime I request a page, I got back a 404 error. It took me a while to check for all the usual culprits (permissions, authentication etc.), but I could not find out what was wrong. So I decided to check out the IIS logs (under <WINDOWS_ROOT>/system32/LogFiles/W3SVC1 for me) and here is what I found:
<time> localhost GET /Rejected-By-UrlScan 404
Ok, so that was a new one for me, so I went and checked the UrlScan logs (under <WINDOWS_ROOT>/system32/inetsrv/urlscan/logs for me) and here is what I found:
<date> <time> localhost GET /Fotoz.Web/ Rejected URL+contains+dot+in+path URL – –
So, here was the culprit denying me access: my folder path contained a dot. I had the bright idea of calling my web app Fotoz.Web which made it fail.
I then checked the UrlScan.ini file (under <WINDOWS_ROOT>/system32/inetsrv/urlscan for me) and found the setting:
which I changed to:
This should not impact too much on the security since I still had the following in the [DenyUrlSequence] section:
.. ; Don’t allow directory traversals
which I think is the only thing that could matter if my server was ill-configured.