403 error when going to Drupal site's /admin page - windows

I have a frustrating issue here. Not really sure what is causing it. My Drupal site is running on a Windows server with IIS 7. When I go to the http://example.com/admin page I get a 403 error. However, if I login with http://example.com/?q=user then go to /admin it works fine. I'm guessing there's something wrong with a setting in IIS or there's some kind of permission that is wrong. There is no admin directory in my site's root directory, so its not a case of a rogue folder screwing things up. Any ideas??
Here is my web.config..
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<!-- Don't show directory listings for URLs which map to a directory. -->
<directoryBrowse enabled="false" />
<rewrite>
<rules>
<rule name="Protect files and directories from prying eyes" stopProcessing="true">
<match url="\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$" />
<action type="CustomResponse" statusCode="403" subStatusCode="0" statusReason="Forbidden" statusDescription="Access is forbidden." />
</rule>
<rule name="Force simple error message for requests for non-existent favicon.ico" stopProcessing="true">
<match url="favicon\.ico" />
<action type="CustomResponse" statusCode="404" subStatusCode="1" statusReason="File Not Found" statusDescription="The requested file favicon.ico was not found" />
</rule>
<!-- Rewrite URLs of the form 'x' to the form 'index.php?q=x'. -->
<rule name="Short URLs" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{URL}" pattern="^/favicon.ico$" ignoreCase="false" negate="true" />
<!--<add input="{REQUEST_URI}" pattern="^/(gallery2|message-boards)" negate="true" />-->
</conditions>
<action type="Rewrite" url="index.php?q={R:1}" appendQueryString="true" />
</rule>
</rules>
</rewrite>
<!-- <httpErrors>
<remove statusCode="404" subStatusCode="-1" />
<error statusCode="404" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" />
</httpErrors>
-->
<defaultDocument>
<!-- Set the default document -->
<files>
<remove value="index.php" />
<add value="index.php" />
</files>
</defaultDocument>
<staticContent>
<mimeMap fileExtension=".woff" mimeType="application/x-woff" />
</staticContent>
</system.webServer>
</configuration>

/?q=user means you don't have clean URLs enabled.
Try logging in by navigating to /?q=admin. Then make sure you have .htaccess in your site's root directory (it's hidden so you'll have to enable "see hidden files" in whatever platform you're using).
Once you're sure it's there - if not redownload Drupal with hidden files visible to get the file - clear the cache, go to "Configuration" -> "Search and metadata" -> "Clean URLs" -> enable

Related

Getting a URL Rewrite error 500 when prerendering

Maybe someone can help me out.
I have two rules in my web.config, one for pre-render and one for Vue.
I have stacked them like this:
<rules>
<rule name="prerender.io" stopProcessing="true">
<match url="(\.js|\.json|\.css|\.xml|\.less|\.png|\.jpg|\.jpeg|\.gif|\.pdf|\.doc|\.txt|\.ico|\.rss|\.zip|\.mp3|\.rar|\.exe|\.wmv|\.doc|\.avi|\.ppt|\.mpg|\.mpeg|\.tif|\.wav|\.mov|\.psd|\.ai|\.xls|\.mp4|\.m4a|\.swf|\.dat|\.dmg|\.iso|\.flv|\.m4v|\.torrent|\.ttf|\.woff|\.svg)" negate="true" />
<conditions logicalGrouping="MatchAny">
<add input="{HTTP_USER_AGENT}" pattern="googlebot|bingbot|yandex|baiduspider|facebookexternalhit|twitterbot|rogerbot|linkedinbot|embedly|quora\ link\ preview|showyoubot|outbrain|pinterest\/0\.|pinterestbot|slackbot|vkShare|W3C_Validator|whatsapp" />
<add input="{QUERY_STRING}" pattern="_escaped_fragment_" />
</conditions>
<serverVariables>
<set name="HTTP_X_PRERENDER_TOKEN" value="<removed>" />
</serverVariables>
<action type="Rewrite" url="https://service.prerender.io/https://{HTTP_HOST}{REQUEST_URI}" appendQueryString="false" logRewrittenUrl="true" />
</rule>
<rule name="Vue" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_URI}" pattern="^/api/.*" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="/" />
</rule>
</rules>
The problem is, when googlebot tries to access my site, most of the time it comes back with a URL Rewrite error 500. If I remove googlebot from the prerender rule, it will stop throwing the rewrite error, which leads me to believe the issue is with that rule, but their support team tell me it's not.
Can anyone see any glaringly obvious issues with my rules? Or know something I am missing?
It turns out this was due to ARR proxy not being turned on.
Because I host on Azure, it had to create a new file called applicationHost.xdt and add this:
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.webServer>
<proxy xdt:Transform="InsertIfMissing" enabled="true" preserveHostHeader="false"
reverseRewriteHostInResponseHeaders="false" />
<rewrite>
<allowedServerVariables>
<add name="HTTP_X_PRERENDER_TOKEN" xdt:Transform="InsertIfMissing" />
</allowedServerVariables>
</rewrite>
</system.webServer>
</configuration>
If you use IIS, you can follow this link:
https://learn.microsoft.com/en-us/iis/extensions/configuring-application-request-routing-arr/creating-a-forward-proxy-using-application-request-routing

Point subdomain to it folder IIS

There's a way to point all my subdomains to the same name folder, using Windows Server | IIS - Rewrite Rule or Proxy?
Example:
subdomain1.domain.com ----> C:\customers\development\subdomain1
subdomain2.domain.com ----> C:\customers\development\subdomain2
subdomain3.domain.com ----> C:\customers\development\subdomain3
Is it possible do automatically?
I've tryied these web.config rules
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="rewrite" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(?!www\.)(.*)\example\.com$" />
</conditions>
<action type="Rewrite" url="/{C:1}/" appendQueryString="true" logRewrittenUrl="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Thanks in advance!
URL rewrite is mainly used to rewrite URL not physical path. So you have to create a web app with root folder C:\customers\development and bind all subdomains to this IIS site. Then modify your rule to
<rule name="rewrite" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" pattern="^(?!www\.)(.*)\.example\.com$" />
</conditions>
<action type="Rewrite" url="/{C:1}/{REQUEST_URI}" appendQueryString="true" logRewrittenUrl="true" />
</rule>
Please modify ^(?!www\.)(.*)\example\.com$ to ^(?!www\.)(.*)\.example\.com$.
Finally, you should be point subdomain to subfolder
Besides, if the application in folder domain1/domain2 and domain3 are three independent projects then you need to use sub-application instead of a folder.

Laravel: Getting a 405 on Azure for DELETE requests via Axios

I've been working on a Laravel project for some time now and unfortunately hit a snag with sending a DELETE request on the production version hosted on Microsoft Azure. I found out the issue was that Azure by default denies DELETE requests to which I was directed to: How do I enable PUT requests in Azure?. However, I've updated the web.config file to the following: (Server PHP version 7.3, 64-bit)
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
<system.webServer>
<handlers>
<remove name="PHP73_via_FastCGI" />
<add name="PHP73_via_FastCGI" path="*.php" verb="GET, PUT, POST, HEAD, OPTIONS, TRACE, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK, DELETE" modules="FastCgiModule" scriptProcessor="D:\Program Files\PHP\v7.3\php-cgi.exe" resourceType="Either" requireAccess="Script" />
</handlers>
<rewrite>
<rules>
<rule name="Imported Rule 1" stopProcessing="true">
<match url="^(.*)/$" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
</conditions>
<action type="Redirect" redirectType="Permanent" url="/{R:1}" />
</rule>
<rule name="Imported Rule 2" stopProcessing="true">
<match url="^" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
I had previously tried to run this accessing D:\Program Files (x86) but unfortunately that hasn't worked either. I've posted the entire web.config because I'm not sure if some of the other settings that have been added conflict with trying to enable the DELETE.
For reference here's the route that is called:
Route::group(['middleware' => ['auth']], function($router) {
Route::post('likes', 'LikesController#store');
Route::delete('likes/{', 'LikesController#remove');
Route::delete('likes/{like}', 'LikesController#remove');
});
The call to LikesController#remove only runs $like->delete(); and then returns the comment without the like that has been deleted.
Method inside of the view component that calls axios:
axios.post('/api/likes', {comment_id: this.comment.id}).then((response) => {
this.comment = response.data;
}
I have this working fine on my local build so I'm unsure of why the issue is persisting beyond the fix that has been provided. If there's anything else that is needed please let me know and I will edit the post.

Laravel 5 on IIS7 does not work with web.config

I have a simple Laravel 5 app. It was developed on Xampp, and worked perfectly. I copied it onto the production server, and it does not work. Something is wrong with the web.config file, because if I remove it, then the app works perfectly with index.php/path
My webconfig is as follows:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Rule 1" stopProcessing="true">
<match url="^(.*)/$" ignoreCase="false" />
<action type="Redirect" redirectType="Permanent" url="/{R:1}" />
</rule>
<rule name="Rule 2" stopProcessing="true">
<match url="^" ignoreCase="false" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" />
</rule>
</rules>
</rewrite>
</system.webServer>
The app is located at a subfolder of the website and I cannot create a new site, but I can restart IIS as needed. I really don't know IIS very well (in fact I hate it), so I don't know where to check, but since the app works without the web.config, I assume it must be the culprit.
IIS Needs to have the URL Rewrite Module for the Laravel web.config to work.
On XAMPP, it will work out of the box as the Apache mod_rewrite module is included and most of the configuration settings are already provided by XAMPP.
Microsoft URL Rewrite.
Download it from here

IIS8 rewrite to force https except for a certain path

My site is asp.net.
I have a wordpress blog in the blog folder and everything works great.
My main web.config has a working rule that forces https on everything.
I have successfully added a rule in the web.config in the blog folder not to redirect to https.
My problem is that I want to exclude the wp-content/uploads/* folder from that rule.
i.e. I want the images in the upload folder to be allowed to load on https too.
(My reason is that I refer to them in my main site and the way it is, I get security messages that I have insecure content on my https pages)
My code is:
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^wp-content/uploads/.*" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
What am I doing wrong?
Thanks
Your code in problem dear plz try below code can this help you.
Something Wrong in your pattern of "^wp-content/uploads/.*" you try below code can this help you.
<rule name="Remove https" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REQUEST_URI}" pattern="^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)" negate="true" />
<add input="{HTTPS}" pattern="on" />
</conditions>
<action type="Redirect" url="http://{HTTP_HOST}/blog/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>

Resources