HTTP Error Messages Page
You can configure Internet Information Services (IIS) to send custom error messages instead of the default HTTP 1.1 error messages. These custom error messages can be mapped to a file name or to a URL.
HTTP 1.1 Error Messages
HTTP 1.1 error messages are returned to the client browser in the form of an HTML page that contains a generic message. When a user attempts to connect to a Web site and an HTTP error occurs, an error message is sent back to the client browser with a brief description of what happened during the attempt to establish a connection. For example, if a user attempts to connect to a Web site that has reached its maximum connection capacity, an HTTP error is returned to the client that contains the statement "Too many users."
Custom Error Messages
All IIS custom error messages display industry-standard HTTP codes, which ensure consistency with HTTP 1.1 error messages. However, you can use the Custom IIS Errors Pages functionality to customize generic HTTP error messages.
You can choose to provide a more informative or "friendly," feedback than default HTTP 1.1 error messages. For example, the default HTTP 1.1 404 error message that contains the statement "Object Not Found." can be expanded to: "The Web server cannot find the file/script you asked for. Please check the URL to ensure that the path is correct. Please contact the server's administrator if this problem persists."
When a set of custom error messages is configured at the Web Site level, all directories under that server inherit the entire list of custom error messages. The two custom error message lists (for the server and the directory) are not merged.
Error Codes
The following HTTP error messages can be customized with IIS:
Error Code | Error Definition |
---|---|
400 | Cannot resolve the request. |
401.1 | Unauthorized: Access is denied due to invalid credentials. |
401.2 | Unauthorized: Access is denied due to server configuration favoring an alternate authentication method. |
401.3 | Unauthorized: Access is denied due to an ACL set on the requested resource. |
401.4 | Unauthorized: Authorization failed by a filter installed on the Web server. |
401.5 | Unauthorized: Authorization failed by an ISAPI/CGI application. |
401.7 | Unauthorized: Access denied by URL authorization policy on the Web server. |
403 | Forbidden: Access is denied. |
403.1 | Forbidden: Execute access is denied. |
403.2 | Forbidden: Read access is denied. |
403.3 | Forbidden: Write access is denied. |
403.4 | Forbidden: SSL is required to view this resource. |
403.5 | Forbidden: SSL 128 is required to view this resource. |
403.6 | Forbidden: IP address of the client has been rejected. |
403.7 | Forbidden: SSL client certificate is required. |
403.8 | Forbidden: DNS name of the client is rejected. |
403.9 | Forbidden: Too many clients are trying to connect to the Web server. |
403.10 | Forbidden: Web server is configured to deny Execute access. |
403.11 | Forbidden: Password has been changed. |
403.12 | Forbidden: Client certificate is denied access by the server certificate mapper. |
403.13 | Forbidden: Client certificate has been revoked on the Web server. |
403.14 | Forbidden: Directory listing is denied on the Web server. |
403.15 | Forbidden: Client access licenses have exceeded limits on the Web server. |
403.16 | Forbidden: Client certificate is ill-formed or is not trusted by the Web server. |
403.17 | Forbidden: Client certificate has expired or is not yet valid. |
403.18 | Forbidden: Cannot execute requested URL in the current application pool. |
403.19 | Forbidden: Cannot execute CGIs for the client in this application pool. |
403.20 | Forbidden: Passport logon failed. |
404 | File or directory not found. |
404.1 | File or directory not found: Web site not accessible on the requested port. |
404.2 | File or directory not found: Lockdown policy prevents this request. |
404.3 | File or directory not found: MIME map policy prevents this request. |
405 | HTTP verb used to access this page is not allowed. |
406 | Client browser does not accept the MIME type of the requested page. |
407 | Initial proxy authentication required by the Web server. |
410 | File has been removed. |
412 | Precondition set by the client failed when evaluated on the Web server. |
414 | Request URL is too large and therefore unacceptable on the Web server. |
415 | Unsupported Media Type. |
500 | Internal server error. |
500.11 | Server error: Application is shutting down on the Web server. |
500.12 | Server error: Application is busy restarting on the Web server. |
500.13 | Server error: Web server is too busy. |
500.14 | Server error: Invalid application configuration on the server. |
500.15 | Server error: Direct requests for GLOBAL.ASA are not allowed. |
500.16 | Server error: UNC authorization credentials incorrect. |
500.17 | Server error: URL authorization store cannot be found. |
500.18 | Server error: URL authorization store cannot be opened. |
500.19 | Server error: Data for this file is configured improperly in the metabase. |
500.20 | Server error: URL authorization scope cannot be found. |
500.100 | Internal server error: ASP error. |
501 | Header values specify a configuration that is not implemented. |
502 | Web server received an invalid response while acting as a gateway or proxy server. |
The 404.1 error can occur only on computers with multiple IP addresses. If a specific IP address/port combination receives a client request, and the IP address is not configured to listen on that particular port, IIS returns a 404.1 HTTP error. For example, if a computer has two IP addresses and only one of those IP addresses is configured to listen on port 80, any requests received on the other IP address with port 80 result in IIS returning a 404.1 error. This error should be set only at the service level because it is returned to clients only when multiple IP addresses are used on the server.
Enabling ASP Error Processing by mapping to a URL
By default, the Default Web Site and all of its applications transfer the processing of Active Server Pages (ASP) errors to the 500-100.asp file. However, any new Web Site that you create or its applications, transfers the processing of 500-100 errors to the default, and not to a custom error file. If you want to develop additional error processing for .asp files, you can do so by either mapping the 500-100 error to the 500-100.asp file or by creating an error-processing .asp file of your own.
The 500-100.asp file processes any errors that occur during compilation or running of .asp files. When an ASP error occurs, IIS returns the 500-100.asp file with detailed information about the error, such as the line number in which the error occurred and a description of the error.
If the 500-100.asp file itself contains ASP errors, ASP does not return another 500-100.asp file. Instead, the error will be reported as if no custom error file exists for 500-100 errors. If the error-processing file (by default, 500-100.asp) contains run-time errors, only this error is displayed, regardless of the type of error in the requested .asp file. Finally, if the error-handling file has preprocessor or compilation errors, both errors are displayed in the browser (the error from the 500-100.asp file and the error in the requested .asp file).
If you have an ASP page defined to handle a custom error, the script is invoked as a URL that passes the context. For example, if you have a file called handle405.asp that is defined to handle HTTP 405 errors, and a 405 error occurs when a user tries to access example.html, the handle405.asp file is invoked as if the user had typed the following:
http://example.com/handle405.asp?405;http://example.com/example.html
If you develop an application using Internet Server API (ISAPI) or Active Server Pages (ASP) to handle errors, you should customize an error message by mapping to a URL. Note that the error status is handed to the application in the URL parameters, and the application must set the HTTP header status. Otherwise, the HTTP response status is "HTTP 1.1 200 OK."