Why can't outside browsers access my Web site on the server?

Published: 13 Nov 2003

I cannot access the Internet from my Web server nor can outside browsers access my Web site on the Web server. Outside browsers get a login screen. The dedicated Web page server is in a dmz and there's nothing between it and the router. The router also handles internal LAN and Exchange Server. The Web server has routable IP address with correct DNS records at Internet provider. I installed IIS 5.0 and configured the server to point to the default Web page. The only area that I am extremely unsure about is: do I need to set up permissions for the Web to access my Web site on the server somewhere? I have not done this. I've started IIS 5.0 Lockdown and hardening procedure but am not totally through it yet.

What exactly do you mean when you say the browsers get a login screen? If you're talking about the dialog box that Internet Explorer opens to prompt you for a username and password, then your problem should be very straight-forward to fix. If you're seeing an actual Web page (not a separate dialog box), then your Web application is prompting the user for a password and I can't offer more help without investigating the specific application.

So, I'll assume that the Web browser is prompting the user for a password. This happens because IIS returned an "access denied" message to the Web browser. IIS will return this message when 1) anonymous access has not been selected, or 2) the anonymous Web user does not have file permissions to the page you are attempting to view.

Let's start by checking whether anonymous access is allowed. Launch the Internet Services Manager. Right-click your Web site (probably Default Web Site), and then click Properties. Click the Directory Security tab. In the Anonymous Access And Authentication Control box, click the Edit button.

The Authentication Methods dialog appears. Make sure the Anonymous Access checkbox is selected, and then click the Edit button. The Username field probably shows IUSR_Computername, and the Allow IIS To Control Password checkbox should normally be checked. Click OK 3 times and close Internet Services Manager.

The IUSR account is the account IIS is going to use to access files on behalf of anonymous users, and it must have access to the files and folders you're using for Web content. Let's check those file permissions next. Launch Windows Explorer, and navigate to the folder you're using for Web content (C:inetpubwwwroot by default). Right-click the folder, and then click Properties. Click the Security tab. Make sure the Internet Guest Account, Web Anonymous Users, and/or Web Applications groups have at least Read access to the Web content.

Dig Deeper on Microsoft Hyper-V management

SearchServerVirtualization

Why can't outside browsers access my Web site on the server?

Dig Deeper on Microsoft Hyper-V management

Windows IIS server hardening checklist

Internet Information Services (IIS)

Repair client access server issues to restore OWA and ActiveSync

Deploying Remote Desktop Web Access

SearchServerVirtualization

Learn the differences between VM snapshot vs. backup

How to perform a Hyper-V to VMware migration

10 benefits of server virtualization for businesses

SearchCloudComputing

Microsoft ACS going GA with preview of Teams integration

Modernize and migrate mainframe apps to the cloud

How to create snapshots for Azure VMs and managed disks

SearchSQLServer

SQL Server database design best practices and tips for DBAs

SQL Server in Azure database choices and what they offer users

Using a LEFT OUTER JOIN vs. RIGHT OUTER JOIN in SQL

SearchEnterpriseDesktop

Microsoft makes Productivity Score useful to tech buyers

Microsoft makes Universal Print generally available

Microsoft bolsters data security in 365

SearchVirtualDesktop

VMware Horizon sizing guide for Windows 10 environments

Citrix launches well-being microapps for Workspace

Choose a Windows Virtual Desktop managed service provider