By default, the IIS server is set to show detailed errors for local requests only, whereas it displays a custom error page for remote requests. This is done for security reasons, since detailed errors could reveal potentially detailed technical information about the web server and website.
Avatar
Latest posts by Surender Kumar (see all)

The detailed errors also reveal HTTP substatus codes, which are helpful in debugging complex issues. The bad guys out there could use this information to conduct attacks on a web server or website. That is why the IIS server only shows a custom error page for remote requests by default.

Why are detailed errors important?

As discussed above, detailed errors are important when you want to debug a problem in a website hosted on a server running IIS. The custom error page shows an error message that is usually ambiguous. Let's have a look at the two screenshots below:

403 Forbidden Access is denied error using custom error page

403 Forbidden Access is denied error using custom error page

The above screenshot shows a typical 403 – Forbidden: Access is denied error using the custom error page displayed by IIS. It is not very helpful for website administrators. Now, let's have a look at the following screenshot:

403.14 Forbidden error with detailed error mode enabled

403.14 Forbidden error with detailed error mode enabled

This screenshot shows the same error with detailed error mode enabled. Now, it shows plenty of useful information that an administrator can use to identify the cause and fix the problem.

Enabling detailed errors using the IIS manager

To enable detailed errors:

  1. Open the IIS manager by pressing WinKey+R, typing inetmgr, and pressing Enter.
  2. Expand the Sites node and select the website for which you want to enable detailed errors.
  3. Under the IIS section in the Features View, double-click Error Pages (see the following screenshot).
Locating the error pages section in the IIS manager

Locating the error pages section in the IIS manager

  1. In the Actions pane on the right, click Edit Feature Settings.
Enabling detailed errors in IIS manager

Enabling detailed errors in IIS manager

  1. In Error Responses, you will see three options:
    1. Custom error pages
    2. Detailed errors
    3. Detailed errors for local requests and custom error pages for remote requests (default)
  2. Now select either the second or third option and click OK.
Viewing the detailed error modes in IIS

Viewing the detailed error modes in IIS

Since you can directly access the web server using remote desktop, selecting the third option is best. Now, you can open the web browser on the server itself and try to load the problematic webpage to see a detailed error page containing more technical information. By doing this, you're not enabling the bad guys out there to view the detailed information, since the detailed error is only displayed for local requests.

Enabling detailed errors using the web.config file

There are situations in which you cannot use the IIS manager to enable detailed errors. For example, if your website is hosted on a shared hosting site, you won't have access to the IIS manager. In such scenarios, you could enable detailed errors using the web.config file, which is usually located in the root directory of the website. Just add the following line inside the <system.webServer> tag:

<httpErrors errorMode="Detailed" />
Enabling detailed errors using web.config file

Enabling detailed errors using web.config file

Remember that by adding this line to the web.config file, you are forcing IIS to throw the detailed errors for local or remote requests.

Subscribe to 4sysops newsletter!

Once you identify the root cause of the problem, it is always recommended to disable detailed errors to prevent your website from revealing sensitive information.

0 Comments

Leave a reply

Please enclose code in pre tags: <pre></pre>

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2023

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account