Error message when you try to browse a Web page that is hosted on IIS 7.0: "HTTP Error 404.7 – FILE_EXTENSION_DENIED"

Symptoms

When you try to browse a Web page that is hosted on Internet Information Services (IIS) 7.0, you receive the following error message:
Server Error in Application "<application name>"
HTTP Error 404.7 – FILE_EXTENSION_DENIED
HRESULT: 0

Description of HRESULT # The operation completed successfully.

Cause

This problem occurs because the allowUnlisted attribute is set to false. Additionally, the file name extensions of the files that you want to browse are not listed.

Resolution

To resolve this problem, follow these steps:
  1. Click Start, type Notepad in the Start Search text box, right-click Notepad, and then click Run as administrator.

    If you are prompted for an administrator password or for a confirmation, type your password or click Continue.
  2. On the File menu, click Open. In the File name box, type %windir%\System32\inetsrv\config\applicationHost.config, and then click Open.
  3. In the applicationHost.config file, press CTRL+F to search for the <requestFiltering> section.
  4. In the <requestFiltering> section, locate the following code:
    <fileExtensions allowUnlisted="false">
  5. Replace the code that you found in step 4 with the following code:
    <fileExtensions allowUnlisted="true">
    Note If you want to deny some specific file name extensions for security, you can explicitly add these extensions. For example, see the following code:
    <requestFiltering>
    <fileExtensions allowUnlisted="true">
    <add fileExtension=".asa" allowed="false" />
    <add fileExtension=".asax" allowed="false" />
    <add fileExtension=".ascx" allowed="false" />
    <add fileExtension=".master" allowed="false" />
    </fileExtensions>
    </requestFiltering>
  6. On the File menu, click Save.
  7. Close Notepad.
  8. Run a Web application that has a file name extension that is not listed in the child elements of the <fileExtensions> section.

More Information

The default setting of the allowUnlisted attribute is true. The allowUnlisted attribute is under the <fileExtensions> element of the applicationHost.config file in IIS 7.0.

You can view the IIS 7.0 Web log file to find the file name extensions in the request. The Web log file is in the following location:
%SystemDrive%\inetpub\logs\LogFiles\W3SVCx

To determine the number of x, follow these steps:
  1. Click Start, type Notepad in the Start Search box, right-click Notepad, and then click Run as administrator.

    If you are prompted for an administrator password or for a confirmation, type your password or click Continue.
  2. On the File menu, click Open. In the File name box, type %windir%\System32\inetsrv\config\applicationHost.config, and then click Open.
  3. In the applicationHost.config file, press CTRL+F to search for the <sites> section.
  4. In the <sites> section, locate the code that resembles the following:
    <site name="Default Web Site" id="1">
    Note In this code, 1 in the id="1" represents x. Therefore, in this example, the Web log file is in the following location:
    %SystemDrive%\inetpub\logs\LogFiles\W3SVC1
For more information about the fileExtensions element for the requestFiltering element in IIS 7.0, visit the following Microsoft Developer Network (MSDN) Web site:
属性

文章 ID:942045 - 上次审阅时间:2007年9月24日 - 修订版本: 1

反馈