I have a Windows Server 2003 server with IIS6. I have one main site that works fine. I'm trying to create an alternate URL for a folder under that main site. I'm trying to setup a host header at the moment (something I've done many times) and am getting unexpected results: 403 Forbidden.
Details:
- Browsing to www.mysite.com/folder works fine.
- I have a DNS entry that points to the same server (same IP) say: folder.domain.com
- I entered folder.domain.com as a host header on the main site.
- I would expect folder.domain.com/folder to work, the same as www.mysite.com/folder works. -- (I'll need to do some url rewriting in the future I think to get rid of the need for /folder.)
Anyway, I always get a 403 forbidden when trying to use that host header URL. The 403 is simply 403...not .1, .2, or anything.
Some things I've checked and ruled out:
Missing default document: It is set and correct and I get the same thing if I try to get folder.domain.com/folder/index.html. (which works as www.mysite.com/folder/index.html)
File/Folder permissions: I'm not getting 401's, it works fine with www.mysite.com, it's set to allow anonymous, and IUSR... is assigned correctly (I think).
Config file: It's basic html so there's no web.config to check/edit. (I did see an index.php. I don't know php, so not sure if this could be involved, but I'm just trying to get to the index.html file anyway.)
Hijacked connection: In order to verify that nothing else was intercepting my connection to that server under the new name I used telnet to connect to folder.domain.com and then submitted an HTTP GET request for www.mysite.com/folder..and it worked fine. So I was connected to the same server.
Two additional weird things:
The IIS log has no 403 error logged at all.
I did a request for a page I knew didn't exist... folder.domain.com/folder/nothere.html. I still got a 403 forbidden, and in the log I found that entry and it had a 200 status code! If I try that same request with the www.mysite.com/folder/nothere.html, I get the expected 404 not found.
And to complicate matters, I only have access to the machine via web ex with a person in China and I'm in the US...so I'll have to gather up whatever thoughts/comments/suggestions I get and try them all at once, so be patient if I don't reply back with results immediately. Thanks!
