0

I have a precompiled MVC site which runs successfully on multiple servers, and on multiple sites within each server.

One particular site a few days ago suddenly stopped working, returning

HTTP Error 403.14 - Forbidden

I couldn't find anything that would cause it, and rebuilt the site using the same source code as other sites on the same server, in a different folder, and the site ran fine for about 24 hours before once again suddenly experiencing the same error.

There is nothing in the Windows logs (Win 2K12 Server) or in the IIS (6.2) logs (other than confirming the 403). This particular site is running on a Virtual Server in Azure, but plenty of other sites are too, including on the same virtual server using the same source code and settings (other than domain name bindings).

I've currently moved the binding to a different process which is working fine, but I really need to get to the bottom of this in case it suddenly happens again.

I've googled this for days without success. Turning on directory browsing works, but of course not something I can or want to permanently do with MVC. Both home and MVC route requests return the same result, but calls for specific files (eg, a text file in a sub-folder) are successful. That certainly suggests a MVC-specific issue. But I can't work out how to specifically isolate the issue.

Obviously I've reset the application pool, the site itself, and indeed set up a new site using the same application pool (which is working currently, but I'm worried it too will suddenly break at the worst time).

Does anyone have any pointers for working out the main cause, please?

Steve Owen
  • 2,022
  • 1
  • 20
  • 30
  • what is the version of IIS – Steve0 Jan 31 '22 at 17:40
  • 1
    also, this looks like the same issue, not sure if this resolved it or not https://stackoverflow.com/a/46372603/903014 – Steve0 Jan 31 '22 at 17:44
  • Thanks other @SteveO! It does look like the same issue, but nothing suggested there helps or is quite relevant. It's a live server with live sites so it's not easy for us to do major updates or re-configuration. I've updated the Q cos I did put the wrong server version initially. This particular one is Win2K12 with IIS 6.2. – Steve Owen Jan 31 '22 at 17:54
  • I would lean to blaming an overzealous windows update, and if the newly constructed website is functional I would make the switch over there. It doesnt sound like you were able to reproduce the issue in the newly created location. – Steve0 Jan 31 '22 at 18:52
  • What's your application pool identity? If Azure do any change on file security to disable any read or write permission of app pool? Is there any more error message in error page? This error maybe permission issue. But it looks more like a certificate issue. Maybe its corresponding client certificate is revoked. – Bruce Zhang Feb 01 '22 at 03:18
  • @Bruce-Zhang, it's not a certificate, because I'm using a temporary domain name to test it while the live site is pointing at another process. Both http and https (using a Let's Encrypt certificate I created a couple of days ago) fail in the same way. The puzzling thing for it not working is that it continues to work on the same server for other sites, including one that is using the same app pool! Both folders (working and non-working) have been created recently using inherited permissions, and both permissions and folder objects are identical. – Steve Owen Feb 01 '22 at 10:47
  • So what's the application pool identity? If it can work when deployed on another appplication pool. If it can work, I think you can copy a new pool from the one which it can work. https://www.mcbsys.com/blog/2011/06/copy-an-iis7-application-pool/ – Bruce Zhang Feb 02 '22 at 06:10
  • It's using a custom application pool identity, and a working site is using the exact same application pool, so I'm sure it's not the pool itself. I tend to manually edit the application.config file as much as the IIS UI, so I can easily see the settings each site uses, and any differences between various app pools. – Steve Owen Feb 02 '22 at 11:23

0 Answers0