Q
Problem solve Get help with specific problems with your technologies, process and projects.

Why can't outside browsers access my Web site on the server?

I cannot access the Internet from my Web server nor can outside browsers access my Web site on the Web server. Outside browsers get a login screen. The dedicated Web page server is in a dmz and there's nothing between it and the router. The router also handles internal LAN and Exchange Server. The Web server has routable IP address with correct DNS records at Internet provider. I installed IIS 5.0 and configured the server to point to the default Web page. The only area that I am extremely unsure about is: do I need to set up permissions for the Web to access my Web site on the server somewhere? I have not done this. I've started IIS 5.0 Lockdown and hardening procedure but am not totally through it yet.
What exactly do you mean when you say the browsers get a login screen? If you're talking about the dialog box that Internet Explorer opens to prompt you for a username and password, then your problem should be very straight-forward to fix. If you're seeing an actual Web page (not a separate dialog box), then your Web application is prompting the user for a password and I can't offer more help without investigating the specific application.

 

So, I'll assume that the Web browser is prompting the user for a password. This happens because IIS returned an "access denied" message to the Web browser. IIS will return this message when 1) anonymous access has not been selected, or 2) the anonymous Web user does not have file permissions to the page you are attempting to view.

Let's start by checking whether anonymous access is allowed. Launch the Internet Services Manager. Right-click your Web site (probably Default Web Site), and then click Properties. Click the Directory Security tab. In the Anonymous Access And Authentication Control box, click the Edit button.

The Authentication Methods dialog appears. Make sure the Anonymous Access checkbox is selected, and then click the Edit button. The Username field probably shows IUSR_Computername, and the Allow IIS To Control Password checkbox should normally be checked. Click OK 3 times and close Internet Services Manager.

The IUSR account is the account IIS is going to use to access files on behalf of anonymous users, and it must have access to the files and folders you're using for Web content. Let's check those file permissions next. Launch Windows Explorer, and navigate to the folder you're using for Web content (C:inetpubwwwroot by default). Right-click the folder, and then click Properties. Click the Security tab. Make sure the Internet Guest Account, Web Anonymous Users, and/or Web Applications groups have at least Read access to the Web content.

This was last published in November 2003

Dig Deeper on Windows Server Virtualization and Microsoft Hyper-V

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Meet all of our Windows Server experts

View all Windows Server questions and answers

Start the conversation

Send me notifications when other members comment.

Register

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchEnterpriseDesktop

SearchVirtualDesktop

Close