I am hosting my website with a hosting service provider. The website loads perfectly when the request is HTTP (i.e. http://example.com), but the web server (IIS) fails to load static files (css, js, images) over HTTPS (i.e. https://example.com), I get "Failed to load resource: the server responded with a status of 403".
I checked this link CSS, Images, JS not loading in IIS and it says maybe I need to set the identity of the anonymous user to the App Pool Identity. The problem is that I asked my hosting service provider to perform that task, but the provider told me that they do not do that on application pool identity because this increases security leaks with impersonating authentication.
I am using .NET 5.0 and I tried to modify the launchSettings.json file to allow anonymousAuthentication, but that didn't work, do you know what else can I do to solve this issue?
Summarize from the comments:
The problem was caused by hosting firewall. Migrated the website to another hosting provider, then the problem is gone.
Related
I'm going to move sso server application (ASP.NET CORE DOTNET 6) from app service APS1 located in service plan AP1 to new app service APS2 located in different service plan APS2 (can't use Change service plan due to azure restriction on regions and resoruce groups). I cloned sso app from APS1 to APS2, added certificate and switch custom domain from APS1 to APS2. So after the change we have the same application, but located in another app service plan and another app service, under excatly the same domain. What I'm trying to understand is why cookie issued by app located in APS1 is not accpted by the same application, moved to APS2 under exactly the same domain which was switched from APS1. I tried to perform the same operation using sample app from https://learn.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-6.0 but with the same results - cookie is not being recognized after switching domain from APS1 to APS2.
What helped was to set the same application name with:
builder.Services.AddDataProtection().SetApplicationName("appName");
I am working on a Blazor(PWA) standalone app. Is deploying to a hosting provider required for standalone Blazor webassembly PWA? Or is it possible to serve the app from a network location for users to download and run it locally in their browser? I looked for documentation but can't find any. Please let me know. Thanks!
You'll need to host the app from an HTTP server that provides secure hosting (HTTPS). For example, you could set up an HTTP server on your local network, or use a hosting provider on the internet.
It cannot be shared from a network drive, or anything like that because it's not considered secure, and thus the service worker won't be registered.
I've got Azure ServiceFabric web-app (AspNetCore 3) hosted over reverse proxy (NGinx). The app use AzureAD (in company) authentication. I've Registered App for the AD and setup Redirect Urls mannually in manifest. After publishing the APP and configuring DNS and reverse proxy I tried to authorize to my app but failed with AADSTS500117: The reply uri specified in the request isn't using a secure scheme.
Is it possible to configure client to allow http redirects?
P.S. As I know Identity Server allows it by configuring DiscoveryPolicy.
P.P.S. You can find more information in my origianl question (see. How to change redirect_uri for Azure AD)
What happens?
when you deploy web apps with a reverse proxy, as is, for instance the case with App Services as Linux containers, your application will be called on an HTTP address, whereas its registered redirect URI in the app registration will be HTTPS.
This means that when a user browses to the web app, they will be redirected to login.microsoftonline.com as expected, but with redirect_uri=http://<your app service name>.azurewebsites.net/signin-oidc instead of redirect_uri=https://<your app service name>.azurewebsites.net/signin-oidc.
How to fix it?
In order to get the right result, the guidance from the ASP.NET Core team for working with proxies is in Configure ASP.NET Core to work with proxy servers and load balancers. You should address the issue centrally by using UseForwardedHeaders to fix the request fields, like scheme.
The container scenario should have been addressed by default in .NET Core 3.0. See Forwarded Headers Middleware Updates in .NET Core 3.0 preview 6. If there are issues with this for you, please contact the ASP .NET Core team https://github.com/dotnet/aspnetcore, as they will be the right team to assist with this.
I published my finalized ASP.NET MVC 4 web application through FTP using Visual Studio 2012 publishing method. My webhost is Strato.de.
The problem is that when I try to access the website's domain, it says "This domain is now reserved, but no content was uploaded". I checked the ftp server using Filezilla, and all the published files are there. I really don't know why I can't see the website.
Here is a snapshot of the files from Filezilla:
http://i60.tinypic.com/zjxle1.jpg
That sounds like the "splash" page or default web site on your domain provider. Many providers like GoDaddy want you to also buy web hosting from them, so they initially set your DNS records to a temporary shared hosting-type account with a default website inside. Make sure your DNS records/namespace servers are set to your actual hosting provider.
We are in the process of developing a .NET based IIS hosted web application as part of a re-platforming project. The original web app is on a Netscape server, in the process of migration we need to point the dns to the IIS server so that the requests are responded by IIS. at the same time we would still need the Netscape server so as to redirect the users from the IIS web app for the regions of the web site which the new application doesn't process (yet).
The old application is frame based, so we plan on using IFrames in the content area (of a master page in web client software factory) and use a URL rewrite engine to render pages from the old system in the iframe.
We also need to point the DNS entry which currently points to the Netscape server to IIS.
Are there and best practices for the above activities?
Maybe this link can help: Migrating a Web Server to IIS: Basic Steps
It discussed the steps you can take to get ready for Internet Information Services (IIS). In this article, the author takes a "nuts and bolts" approach to migrating an individual Web server.
You'll find detailed information about migrating configuration settings and content to a server running IIS 5.0 from another type of Web server, such as Apache HTTP Server or Netscape Enterprise Server.