ASP pages in IIS using Localhost 401.3 Error do not have permission

64
votes

I have just installed the IIS so I can view asp files in a browser but when I put the address in a browser as : http://localhost/index.asp I get an error.

The error shows this:

HTTP Error 401.3 - Unauthorized You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.

I really need to get this sorted out, I would highly appreciate any advice on this.

6
iisasp-classic
Did you look at the permissions of the file? support.microsoft.com/default.aspx?scid=kb;EN-US;942042Damon Bauer
No doubt the permissions on your webroot, IIRC adding IUSR account will sort the problem out.Phil Parsons
Try adding the user 'Everyone', with full controlDamon Bauer
@motoxer4533 Seriously? - adding everyone will full control is not a fix and depending on security setup possibly downright dangerous!dan360
@dan360 on localhost, where theres no access to the outside world, does it really matter?Damon Bauer

6 Answers

85
votes

OK, working from memory here as I am not in front of a Windows machine.

If you right click on your webroot folder /inetpub/wwwroot/ or the website directory you are working on open properties and select security, I think it is, you will see the list of users with their permissions for that folder. There is a section to add new users where you can add the IIS_IUSRS account (search from the list of users if you need to) which will be the default user used when anonymous authentication is enabled. Give this account the relevant permissions (read, write, execute) ensuring you apply to file and subfolders. Refresh the website in IIS and you should hopefully be good to go.

92
votes

My issue was around the identity used in the app pool. I changed the site's Authentication to "Application pool identity" as well as giving the directory the appropriate permissions.

enter image description here

4
votes

I had one folder not working (extracted from a zip file which came from an email from some kind of MS Sharepointy thing. Or something). The files were all marked with Windows Explorer -> Right Click -> Properties -> Advanced -> Encrypt contents to secure data. Unticking cured it.

1
votes

In my case I had created an application in IIS 7 on Windows 7 using "Add Application" on the Default Web Site. I had to add the "users" account from the local machine and that got rid of the permissions error.

0
votes

I had this happen to me and what I needed to do was apparently add a web.config file. Doesn't matter that it was just a PHP site, and that "Everyone" had full control. Until there was a basic Web.config - NO DICE!

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers accessPolicy="Read, Execute, Script" />
        <defaultDocument>
            <files>
                <clear />
                <add value="index.php" />
                <add value="Default.htm" />
                <add value="Default.asp" />
                <add value="index.htm" />
                <add value="default.aspx" />
            </files>
        </defaultDocument>
        <directoryBrowse enabled="false" />
    </system.webServer>
</configuration>
-4
votes

Here, the set up process is explained in detail. You can follow the steps.

http://coldfusion-tip.blogspot.com/2013/10/you-do-not-have-permission-to-view-this.html