Running Classic ASP on IIS 7.x - 8.x Checklist:
(1) In the "Server Manager" section, go to "Management" and "Add Roles". Look for a web server (IIS) -> Application Development -> check ASP and server side. Add IIS 6 Management Compatibility.
(2) Do not specify site folders with .com, .net, etc. in the end.
(3) Create a new user account: - [application pool user id] - user: app_pool_blahblahblah, pw: xxxxxx
(4) In the application pool advanced settings: - set the version of .Net Framework to "v2.0" - fixed the problem with the default asp doc not working! - Set Enable 32-bit Applications to TRUE. - in the "Process Model" section, change the "Identifier" to the account "[application pool user identifier] created above". - This is the default value: make sure the "load user profile" is set to "FALSE". - This is the default value: make sure that "maximum workflows" is "1".
(5) In the server manager, an SMTP server is added by function. Install the IIS6 Resource Kit so you can use the Metabase Explorer. Grant the user the user ID [application pool user] user access to / Local Machine / SmtpSvc / in IIS Metabase Mail: in the IIS 6 Management Console: http://intellitect.com/configuring-windows-smtp-server-on-windows -2008-for-relay / - In the Properties section of a virtual SMTP server: - Access tab → Relay: add the IP addresses of this server, including 127.0.0.1 - Delivery tab → Advanced: for the "fully qualified domain name" enter the name server - “Delivery” tab → Advanced: for “smart host”, for Godaddy, put “dedrelay.secureserver.net” - “Delivery” tab → Outgoing tions: make sure that the limits set to 100. - tab "Security" → add "[user ID application pool]" and IIS_IUSRS
(6) In IIS 7 and 8 under the website: - In ASP: - under the limit changes the maximum requisition amount and buffering limit to 1024000000 - set the script language to "vbscript" - set "send errors to the browser" to true - set to the Enable Parent Paths parameter is true - ONLY IF PROBLEM: Set the enable buffering to false - Authentication → change Anonymous Authentication and set the application pool identifier.
- in the "Management" section (below), go to the "Configuration Editor". - In the drop-down list, go to System.web → http runtime and change maxRequestLength to 1024000000 - In the drop-down list, select System.webserver / security / requestFiltering → chg allowDoubleEscaping = true - In the drop-down list, go to System.webserver / security / authentication / anonymousAuthentication → chg userName to empty. - ONLY IF PROBLEM: under error pages: up to 404 set to "/home.asp" and "execute URL" - ONLY IF PROBLEM: edit c: \ windows \ system32 \ inetsrv \ config \ applicationHost.config: change to "Allow"
(9) Set "Change" permissions for [application pool user authentication] for the following folders: - Your site - windows \ temp - inetpub \ temp - inetpub \ mailroot - ONLY IF PROBLEM: windows \ serviceprofiles \ networkervice \ AppData \ Local \ Temp ?
And set the permissions in the registry: - ONLY IF THE PROBLEM: HKeyLocalMachine \ Software \ Wow6432Node \ Microsoft \ Jet \ 4.0 \ Engines? FOR THESE USER ACCOUNTS: - IIS_IUSRS - [application pool user identifier] - NETWORK SERVICE
(10) For your FTP site, go to FTP authorization rules and add a rule to allow your specific users or groups.
(11) Install and use Process Monitor to find permission issues - filter
(12) Make sure SSL v2 and v3 are not used: Click the Start button, click Run, type regedit, and then click OK. In the registry editor, find the following registry key / folder: HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Control \ SecurityProviders \ SCHANNEL \ Protocols \ SSL 2.0 Right-click the SSL 2.0 folder and select "Create" and then click "Key". Name the new Server folder. Inside the Server folder, select the Edit menu, select New, and click DWORD Value (32-bit Value). Type Enabled as the name and press Enter. Make sure it shows 0x00000000 (0) in the Data column (by default it should be). If this is not the case, right-click and select “Modify” and enter “0” as the value. Do the same with SSL 3.0. Reboot the computer. Ensure that there are no SSL 2.0 or 3.0 ciphers on the ServerSniff.net server or in the Public SSL Server database.
(13) SSL error when Safari tells the client that it needs a certificate. - Go to the IIS settings for the SSL-protected site. - Click "SSL Settings" - Select "ignore."