We recently installed and configured a CF10 server on a 08 r2 box. After following the Adobe recommended setup (custom accounts for each of the services - iis, cf) in the lockdown guide and a reboot, cfm pages are no longer properly handled (redirected).
The web server trace identifies this as the root problem:
144. CALL_ISAPI_EXTENSION
| DllName | [home_dir]\config\wsconfig\1\isapi_redirect.dll |
|---|
Warning
145. -MODULE_SET_RESPONSE_ERROR_STATUS
| ModuleName | IsapiModule |
|---|
| Notification | 128 |
|---|
| HttpStatus | 403 |
|---|
| HttpReason | Forbidden |
|---|
| HttpSubStatus | 0 |
|---|
| ErrorCode | 0 |
|---|
| ConfigExceptionInfo |
|
|---|
| Notification | EXECUTE_REQUEST_HANDLER |
|---|
| ErrorCode | The operation completed successfully. (0x0) |
|---|
| User from token | NT AUTHORITY\IUSR |
|---|
We've already made sure that exe rights are provided for the IUSR (as well as cf and iis) to both that .dll as well as the entire folder.
We have also tried changing the handler mapping (invoke only if req is mapped to file/folder) as well as it's access config (none, script, exec).
The only time we get a different error mesage is when we disable the *.cfm mapping - which rightly so yields a 500 or a 404 error message.
By not processing .cfm page correctly the cf admin is not accessible either.
Any ideas on this would be appreciated.
p.s. there is no subcode (substatus) to the 403.
2
Replies
AdChoices