IIS depends on World Wide Web Publishing service to host websites. And this service has a dependency to Windows Process Activation Service (WAS). In some cases, WAS may not start because of the “Error 13: The data is invalid” error.

The error messages:

“Windows could not start the Windows Process Activation Service service on Local Computer. Error 13: The data is invalid:

Event 7023 for Service Control Manager: “The Windows Process Activation Service service terminated with the following error: The data is invalid.”

Solution for Error 13: The data is invalid

If you see “The data is invalid” error with WAS server, the first thing to check is the IIS configuration file (applicationHost.config). This file is probably corrupted. Any issues with the file will prevent IIS functioning properly.

Go to C:\Windows\System32\inetsrv\config\ folder and open applicationHost.config file. Make sure you see <configuration> in the beginning and </configuration> at the end. Most of the time, you won’t see the closing tag. Instead, there will be unknown characters that mean the file is corrupted. Sometimes, you may not see any content at all which is also an issue.

Screenshot of a corrupted applicationHost.config file:

If there is something wrong with this file, your options are

• If there is a backup of this file, replace it
• Even if you don’t have a backup of the file, you may have a backup of the entire server. Try to get the file from that backup
• If there is another server hosting the same websites with the same configuration, try to get the parts of the file from that server to fix the corruption in the non-working server
• In case you don’t have backup or another server, you can try to fix the corrupted part manually. Sometimes, only a few closing tags are missing. You can easily fix the issue if that’s the case. However, if a big portion of the file is corrupted, this method may not work
• If the file is completely empty and you don’t have a backup or another server, you will need to uninstall and install IIS back. This will create a brand-new configuration file. However, you will need to create the sites and application pools from scratch

If you are seeing “The Windows Process Activation Service encountered an error trying to read configuration data” error, check this post out for the solution: Windows Process Activation error (NetFx40_IIS_schema_update.xml)

Error 13 may refer to a coding issue as well. More information: Type mismatch

The post Error 13: The data is invalid (WAS service) appeared first on port135.com.

Setting up Failed Request Tracing to troubleshoot web application issues is pretty straightforward: Install Tracing module in Server Manager, enable Failed Request Tracing in IIS Manager, and add a rule for the type of issue you are working on (500 status code, delay over 10 seconds etc.).

However, you may notice that logs are not created even though the condition in your rule is met.

Note: Uninstalling the Tracing module in Server Manager and installing it back normally solves issues related to FREB but this is sometimes not a convenient approach if Shared Configuration is used or you are not able to restart the server (uninstalling the Tracing module requires server restart)

What to do if Failed Request Tracing (FREB) is not creating logs

Here are a few quick checks to do:

• Double-check if FREB is enabled
• Check if the path for creating logs is correct
• Make sure the application pool identity has permissions to write in this folder
• If everything looks good but the issue still exists, add a new website and add a rule for status codes between 200 and 600. This should trigger logging for all kinds of requests

If there are still no log files, It’s time to dive deep into the applicationHost.config file. This is the IIS configuration file that stores most of the IIS configuration including FREB related references. It is located under C:\Windows\System32\inetsrv\config

In the case I worked on, module references were missing. Here is how we solved the issue:

• Back up applicationHost.config
• Open the original file. Add these lines in <globalModules> section

<globalModules>
   …
   <add name="TracingModule" image="%windir%\System32\inetsrv\iisetw.dll" />
   <add name="FailedRequestsTracingModule" image="%windir%\System32\inetsrv\iisfreb.dll" />
   …
</globalModules>

• Add the line below into <modules> section

<modules>
   …
   <add name="FailedRequestsTracingModule" lockItem="true" />
   …
</modules>

• Restart IIS and test if logs are created now

“FailedRequestTracing module detected invalid configuration”

After the changes above, you may come across the error messages below.

Log Name:      Application
Source:        Microsoft-Windows-IIS-W3SVC-WP

Event ID:      2288
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Description:
FailedRequestTracing module encountered problem while reading configuration. No logs will be generated until this condition is corrected. The problem happened at least 1 times in the last 5 minutes. The data is the error.

Log Name:      Application
Source:        Microsoft-Windows-IIS-W3SVC-WP
Event ID:      2285
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Description:
FailedRequestTracing module detected invalid configuration on path 'MACHINE/WEBROOT/APPHOST/DEFAULT WEB SITE'. Trace provider or tracing area name 'WWW Server' is not recognized. Check the <traceProviderDefinitions> section for currently supported list or providers and areas. No logs will be generated until this condition is corrected. The problem happened at least 1 times in the last 5 minutes. The data is the error.

Seeing these error messages is actually a good thing. It means Failed Request Tracing started working but it couldn’t find the provider “WWW Server” which was selected in the FREB rule.

Apparently, IIS is not able to read that section with “WWW Server” in the config file. There might be a typo, extra space, etc. Even if you don’t change the config file, If you simply uncheck “WWW Server” from the FREB rule, this error should go away but it may cause having less information in the logs.

In order to solve this issue, check the the definition of the WWW Server provider. Here is a definition that works without issues:

<traceProviderDefinitions>
       … 
       <add name="WWW Server" guid="{-4j25-9512-qp1}">
            <areas>
               <add name="Authentication" value="2" />
               <add name="Security" value="4" />
               <add name="Filter" value="8" />
               <add name="StaticFile" value="16" />
               <add name="CGI" value="32" />
               <add name="Compression" value="64" />
               <add name="Cache" value="128" />
               <add name="RequestNotifications" value="256" />
               <add name="Module" value="512" />
               <add name="FastCGI" value="4096" />
               …
            </areas>
       </add>
       …
</traceProviderDefinitions>

The post Failed Request Tracing (FREB) is not working (not creating logs) appeared first on port135.com.

Your web application may show a custom error like this: “You are not authorized to access this portal”. Most of the time, custom errors are static and therefore, they may mislead. For the same issue, I saw “417 Expectation Failed” error in the F12 Developer Tools network trace.

417 status code refers to an issue with the Expect header in the request. The server was probably not able to meet the requirement in this header (RFC7231).

Solution for “417 Expectation Failed”

I recommend collecting a Fiddler trace and analyzing the header. As always, doing due diligence like probing when the issue started occurring, what was changed, does it work in another server, etc. helps as well.

In my case, the root cause was a missing forward slash character (“/”) at the end of the CorsOrigin parameter in appsettings.json. After adding this, the application started working.

Note: System.Net.HttpWebRequest adds “Expect: 100-Continue”‘ to requests (Reference). You may try removing it explicitly to solve this issue:

System.Net.ServicePointManager.Expect100Continue = false;

Another way to remove this header is to change web.config configuration:

<system.net>
    <settings>
        <servicePointManager expect100Continue="false" />
    </settings>
</system.net>

The post Solution for 417 Expectation Failed error and Expect header issues appeared first on port135.com.

When you browse your web application, you may come across this error message: “Can’t reach this page. There was a temporary DNS error. Error code: INET_E_RESOURCE_NOT_FOUND”

How to solve “There was a temporary DNS error INET_E_RESOURCE_NOT_FOUND” error

As the issue mentioned, there might be a problem with the DNS record of your application’s domain. However, for an application I worked with, the root cause was the corruption in the registry settings of Internet Explorer.

We renamed the Connections container in the registry key below.

HKEY_LOCAL_MACHINE > Software > Microsoft > Windows > CurrentVersion > Internet Settings > Connections

After restarting the server, IE created a new Connections container. and the application started working.

There had been no recent code deployments before this issue started occurring. My best bet is, a Windows update or another system-level change caused this issue.

The post Solution for INET_E_RESOURCE_NOT_FOUND error appeared first on port135.com.

BREACH attack works by trying to guess the secret keys in a compressed and encrypted response. Attacker sends many targeted requests to the server and try to figure out the encrypted information byte-by-byte using the pattern in responses.

When you run a penetration test on your web application, the report may point out BREACH as a high-risk vulnerability. Here is an example vulnerability test report that mentions the BREACH:

'id'           : 'BREACH',
'ip'           : 'domain.com/10.194.54.67',
'port'         : '443',
'severity'     : 'HIGH',
'cve'          : 'CVE-2013-3587',
'cwe'          : 'CWE-310',
'finding'      : 'potentially VULNERABLE, uses gzip HTTP compression - only supplied '/' tested'

BREACH stands for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext and it is similar to the CRIME attack.

Mitigations for the BREACH vulnerability

Common recommendations for fixing this vulnerability are:

• Disabling HTTP compression
• Separating secrets from user input
• Randomizing secrets per request
• Masking secrets (effectively randomizing by XORing with a random secret per request)
• Protecting vulnerable pages with CSRF
• Length hiding (by adding a random number of bytes to the responses)
• Rate-limiting the requests

My comments about these mitigations:

• The first option (disabling HTTP compression) will certainly mitigate this vulnerability and the scan tool won’t bring it up anymore. However, this may have a performance effect
• Recommendations from #2 to #5 are related to the coding of the application. They are effective for preventing this type of attack. They are also best practices for development in general
• Recommendations #6 and #7 are hosting-related settings. You may need to talk to your hosting company to find out if they are applicable

One question to ask is: How is the scan tool determining to raise this vulnerability or not? (The owner of the tool can provide this information) Is it just checking if the compression is enabled? If that’s the only check it does for the determination of this vulnerability, then recommended mitigations from #2 to #7 won’t make this vulnerability disappear in the report.

My recommendation would be to keep the compression enabled but implementing the other recommendations (from #2 to #7). However, as I explained in the previous paragraph, the tool may still raise a flag even if you implement all those mitigations.

For more information about the common recommendations, click here. More details about this vulnerability can be found here.

The post How to fix the BREACH vulnerability (CVE-2013-3587 CWE-310) appeared first on port135.com.

An application that keeps becoming unavailable is a sign of a problem with its application pool. For an issue I troubleshot, the application pool kept stopping with Event ID 2269, 5139, and 5002.

The errors and warnings I saw in Event Viewer are below.

Event 2269
The worker process for app pool 'DefaultAppPool' failed to initialize the http.sys communication when asked to start processing http requests and therefore will be considered ill by W3SVC and terminated.

Event 5139
A listener channel for protocol 'http' in worker process serving application pool 'DefaultAppPool' reported a listener channel failure.

Event 5002
Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool

Solution for “Event 2269 http.sys communication” error

This issue occurs when the application pool identity doesn’t have “Bypass traverse checking” permission. This is group-policy level permission that determines which users can traverse folders even if they don’t have permission at the folder level.

Follow the steps below to give “Bypass traverse checking” permission:

1. In “Start > Run”, type “gpedit.msc” and click OK
2. Go to “Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment”
3. In the list, right click “Bypass traverse checking” and click “Properties”
4. Click “Add User or Group”
5. Add these users and groups (You will need to select “Groups” from Object Types for some of them): Everyone, Users, IIS_IUSRS, IIS AppPool\DefaultAppPool
6. Click OK
7. Restart the server
8. Open the same window and make sure the users/groups you added in Step 5 are still there
9. Test the application. If this doesn’t work, check “netstat” list for possible port conflicts and other network and file structure related issues

Note: We added more users than we normally do. This is for testing to see if it works. You can later harden this configuration.

The post Event 2269 Worker process for app pool failed to initialize http.sys communication appeared first on port135.com.

In another post, I mentioned the common way of solving (413) Request Entity Too Large error. However, If you are using WCF and seeing this error, you may need to go extra mile to solve this issue.

While trying to upload files that are bigger than 64 KB, we came across this error. Unfortunately, the usual fix (increasing uploadReadAheadSize and maxRequestEntityAllowed values) didn’t help.

In the dump file, we saw this error:

Exception Type : System.ServiceModel.ProtocolException
Message: The maximum message size quota for incoming messages (65536) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element.

As the error above mentions, this issue occurs because the request size is bigger than the MaxReceivedMessageSize for WCF.

Solution for WCF 413 Request Entity Too Large error

In order to solve this problem, you will need to increase MaxReceivedMessageSize value for your web service. However, this may get tricky and cause you to spend a lot of time because there are two different MaxReceivedMessageSize parameters:

• MaxReceivedMessageSize in System.ServiceModel.Configuration.BasicHttpBindingElement
• MaxReceivedMessageSize in System.ServiceModel.Channels.HttpTransportBindingElement

Resources you will find will recommend editing your web.config like the following example:

<basicHttpBinding>
   <binding name="basicHttpBinding_Portal" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" maxBufferPoolSize="2147483647">
       <readerQuotas maxBytesPerRead="2147483647" maxArrayLength="2147483647" maxStringContentLength="2147483647" maxDepth="2147483647" maxNameTableCharCount="2147483647"/>
    </binding>
</basicHttpBinding>

This configuration will increase the MaxReceivedMessageSize in System.ServiceModel.Configuration.BasicHttpBindingElement

You should increase the MaxReceivedMessageSize in System.ServiceModel.Channels.HttpTransportBindingElement as well. Here is the way to do it in web.config:

<customBinding>
   <binding closeTimeout="00:10:00" openTimeout="00:10:00" sendTimeout="00:10:00">
      <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" useDefaultWebProxy="true" transferMode="Buffered" />
   </binding>
</customBinding>

You can also do it through the code as explained in this document.

Note 1: For some cases, removing the name from basicHttpBinding also fixes the issue (name=”basicHttpBinding_Portal”)

Note 2: While trying to figure out this issue, your application may further break (not showing a table etc.) after adding maxBufferSize to your web.config. This happens because maxBufferSize is not supported for wsHttpBinding. Event ID 3 “ServiceActivationException: Unrecognized attribute ‘maxBufferSize'” error mentions this issue.

The post WCF service shows 413 Request Entity Too Large error when uploading files over 64 KB appeared first on port135.com.

After enabling output caching (kernel-mode and user-mode) in IIS, you may want to make sure it works as expected. Here are what you can do to confirm the caching status in the server:

Kernel-mode cache

• If the command netsh http show cachestate returns “There were no cache entries corresponding to the provided URL”, it means there is no data in the kernel-mode cache
• This can be confirmed by checking “Kernel: Current URIs Cached” performance counter as well. If it shows 0, it means the kernel-mode cache is empty
• Failed Request Tracing (FREB) logs show if kernel-mode caching was used for a request (HTTPSYS_CACHEABLE event)

Note: Even if you enable kernel-mode cache, you may see that there is no cache stored. There are certain situations in which the kernel-mode caching cannot be used (Reference)

User-mode cache

• There is no equivalent of netsh http show cachestate command to check user-mode cache
• However, the performance counter “Current URIs Cached” shows how many URIs are cached in the user-mode
• Resetting IIS or recycling application pool clears the user-mode cache

A few useful pages to learn more about caching:

• Configure IIS 7 Output Caching
• ASP.Net Session Swapping
• Cookie being cached

The post Find out if the kernel-mode and user-mode caching are working appeared first on port135.com.

While troubleshooting a “500 Internal Server Error”, I saw this error in the Failed Request Tracing log:

500.19 Internal server error 
%1 is not a valid Win32 application
0x800700c1

Solution for “500.19 %1 is not a valid Win32 application” error

After comparing the working and non-working servers, I saw that enable32BitAppOnWin64 was set to True in the non-working server. The working server had this value to False.

We set it to False in the non-working server. The 500 error disappeared.

For more information, please check the official Microsoft documentation.

The post 500.19 %1 is not a valid Win32 application appeared first on port135.com.

Setting up Failed Request Tracing to troubleshoot web application issues is pretty straightforward: Install Tracing module in Server Manager, enable Failed Request Tracing in IIS Manager, and add a rule for the type of issue you are working on (500 status code, delay over 10 seconds etc.).

However, you may notice that logs are not created even though the condition in your rule is met.

Note: Uninstalling the Tracing module in Server Manager and installing it back normally solves issues related to FREB but this is sometimes not a convenient approach if Shared Configuration is used or you are not able to restart the server (uninstalling the Tracing module requires server restart)

What to do if Failed Request Tracing (FREB) is not creating logs

Here are a few quick checks to do:

• Double-check if FREB is enabled
• Check if the path for creating logs is correct
• Make sure the application pool identity has permissions to write in this folder
• If everything looks good but the issue still exists, add a new website and add a rule for status codes between 200 and 600. This should trigger logging for all kinds of requests

If there are still no log files, It’s time to dive deep into the applicationHost.config file. This is the IIS configuration file that stores most of the IIS configuration including FREB related references. It is located under C:\Windows\System32\inetsrv\config

In the case I worked on, module references were missing. Here is how we solved the issue:

• Back up applicationHost.config
• Open the original file. Add these lines in <globalModules> section

<globalModules>
   …
   <add name="TracingModule" image="%windir%\System32\inetsrv\iisetw.dll" />
   <add name="FailedRequestsTracingModule" image="%windir%\System32\inetsrv\iisfreb.dll" />
   …
</globalModules>

• Add the line below into <modules> section

<modules>
   …
   <add name="FailedRequestsTracingModule" lockItem="true" />
   …
</modules>

• Restart IIS and test if logs are created now

“FailedRequestTracing module detected invalid configuration”

After the changes above, you may come across the error messages below.

Log Name:      Application
Source:        Microsoft-Windows-IIS-W3SVC-WP

Event ID:      2288
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Description:
FailedRequestTracing module encountered problem while reading configuration. No logs will be generated until this condition is corrected. The problem happened at least 1 times in the last 5 minutes. The data is the error.

Log Name:      Application
Source:        Microsoft-Windows-IIS-W3SVC-WP
Event ID:      2285
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Description:
FailedRequestTracing module detected invalid configuration on path 'MACHINE/WEBROOT/APPHOST/DEFAULT WEB SITE'. Trace provider or tracing area name 'WWW Server' is not recognized. Check the <traceProviderDefinitions> section for currently supported list or providers and areas. No logs will be generated until this condition is corrected. The problem happened at least 1 times in the last 5 minutes. The data is the error.

Seeing these error messages is actually a good thing. It means Failed Request Tracing started working but it couldn’t find the provider “WWW Server” which was selected in the FREB rule.

Apparently, IIS is not able to read that section with “WWW Server” in the config file. There might be a typo, extra space, etc. Even if you don’t change the config file, If you simply uncheck “WWW Server” from the FREB rule, this error should go away but it may cause having less information in the logs.

In order to solve this issue, check the the definition of the WWW Server provider. Here is a definition that works without issues:

<traceProviderDefinitions>
       … 
       <add name="WWW Server" guid="{-4j25-9512-qp1}">
            <areas>
               <add name="Authentication" value="2" />
               <add name="Security" value="4" />
               <add name="Filter" value="8" />
               <add name="StaticFile" value="16" />
               <add name="CGI" value="32" />
               <add name="Compression" value="64" />
               <add name="Cache" value="128" />
               <add name="RequestNotifications" value="256" />
               <add name="Module" value="512" />
               <add name="FastCGI" value="4096" />
               …
            </areas>
       </add>
       …
</traceProviderDefinitions>

The post Failed Request Tracing (FREB) is not working (not creating logs) appeared first on port135.com.

Your web application may show a custom error like this: “You are not authorized to access this portal”. Most of the time, custom errors are static and therefore, they may mislead. For the same issue, I saw “417 Expectation Failed” error in the F12 Developer Tools network trace.

417 status code refers to an issue with the Expect header in the request. The server was probably not able to meet the requirement in this header (RFC7231).

Solution for “417 Expectation Failed”

I recommend collecting a Fiddler trace and analyzing the header. As always, doing due diligence like probing when the issue started occurring, what was changed, does it work in another server, etc. helps as well.

In my case, the root cause was a missing forward slash character (“/”) at the end of the CorsOrigin parameter in appsettings.json. After adding this, the application started working.

Note: System.Net.HttpWebRequest adds “Expect: 100-Continue”‘ to requests (Reference). You may try removing it explicitly to solve this issue:

System.Net.ServicePointManager.Expect100Continue = false;

Another way to remove this header is to change web.config configuration:

<system.net>
    <settings>
        <servicePointManager expect100Continue="false" />
    </settings>
</system.net>

The post Solution for 417 Expectation Failed error and Expect header issues appeared first on port135.com.

Microsoft Word is known as the most popular word-processing program on the market. And more than one billion people use it every single day. That is almost one in seven people on the whole planet. Which is an impressive number that is unmatched in the technology industry. However, besides the fact that it has so many users, not everyone knows all the program’s capabilities. Especially the students who are just starting to use it for school or college.

Word is used for almost everything that includes writing. Adults are constantly using it for work or their everyday life. There are even people who can only do their jobs through Word, such as content writers or people who work at some assignment help services. So next time when you say, “I will hire someone who will do my assignment cheap,” it is good to know that they will write it on Microsoft Word. And they do that because Word is customizable, dependable, and it is packed with many features that make document creation way easier. 

Although nowadays, thanks to the technology in schools, students also get a lot of use of Word during their education, teachers often incorporate Microsoft Word into their lessons and classes, and document formatting for students has become essential. So, to help with that, the following are 10 tricks that every student should know.

Zoom in or Zoom Out to Save Eye Strain

Some people choose to work on Word zoomed in to 150%, and others do not like scrolling up and down or left and right, so work on a 75% window, so they can see the full document. Either way, you can find the perfect setting that will work best for you by sliding on the “100%” tab with a slider located at the document’s bottom right.

Use Smart Lookup to Search the Internet

Smart Lookup serves as a quick shortcut that allows you to browse the internet. So anytime you highlight a phrase or even a single word and right-click it, Word offers you to use it. Allowing you to get answers to all the questions or get definitions for any possible word.

Convert PDFs to Word Documents

When you open a PDF file in Word, it converts it into a .docx format, and then you can add text to the document. This can be helpful if you want to fill in any document on your computer rather than on paper with a pen.

Copy, Cut, and Paste with Keyboard Shortcuts

Ctrl + C to copy, Ctrl + X to cut, and Ctrl + V to paste are three amazing, but at the same time basic commands that will save any user a lot of time while working on any kind of document.

Delete Entire Words at a Time

This is one of the easiest tricks that many do not know about. Pressing Ctrl + Backspace with the cursor placed after the Word you wish to delete will remove the word or even the sentence right away. Making things much easier without having the need to hold down Backspace to remove letter by letter.

A Quick Way to Insert Links

Just like the previous command, this is also a keyboard shortcut. This allows you to add links to a document by pressing Ctrl+ K. Using this will definitely save you a lot of time and may even become one of your favorite shortcuts.

Sign your Name on Documents

There are many situations when you need to sign your name on a document for university or work, and Word allows you to do that on any document.

You can do that by clicking on “insert” at the top of the screen and then on “Shapes” then, choose the rightmost icon and draw the mouse wherever you want to draw your signature. Once you are done, it will be converted into a picture, so you can easily resize it or move it.

The post Top 7 Tricks with Microsoft Word for Students appeared first on port135.com.

While trying to change a setting for your IIS application, you may come across this error message: There was an error while performing this operation. Details: Exception from HRESULT: 0xC00CEF03.

This issue mostly occurs after you migrate your application from one IIS server to another.

Root Cause

0xC00CEF03 error code translates to WR_E_NSPREFIXWITHEMPTYNSURI which refers to “Writer: cannot use prefix with empty namespace URI” (Reference).

This error occurs when there is something wrong with the web.config file. It’s probably corrupted or there are incompatible tags and parameters. As a result of this corruption and incompatibility, IIS is not able to read this file. Therefore, it can’t make a change.

The issue mostly happens after migration because a piece of configuration that works in the older version of IIS (and .NET Framework) probably became unsupported in the newer version.

Solution for the 0xC00CEF03 error (Cannot use prefix with empty namespace URI)

The shortest way of finding what part of the web.config is causing the issue is to remove sections one by one and test. High-level steps:

1. Remove a section from the bottom of the file (Let’s say you removed system.serviceModel section)
2. If the issue goes away, add the section back and start removing the subsections of it one by one. (For example, ws2007HttpBinding subsection in system.serviceModel section)
3. If the issue goes away again, bring the subsection back and go through each lines. Prefixes like wsid:, asm:, and trust: are the most common causes of this issue

Sample code

For the application I worked with, the problematic subsection in the web.config file was the one below.

<tokenRequestParameters>
  <trust:SecondaryParameters xmlns:trust=http://docs.oasis-open.org/ws-sx/ws-trust/200512>
    ...
    <trust:Claims Dialect=http://schemas.xmlsoap.org/ws/2005/05/identity xmlns:trust=http://docs.oasis-open.org/ws-sx/ws-trust/200512>
      <wsid:ClaimType Uri=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name Optional="true" xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
      <wsid:ClaimType Uri=http://schemas.microsoft.com/ws/2008/06/identity/claims/role Optional="true" xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
      <wsid:ClaimType Uri=http://schemas.wolterskluwerfs.com/ws/2012/09/identity/claims/effectiverootorg xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
    </trust:Claims>
    ...
  </trust:SecondaryParameters>
</tokenRequestParameters>

In order to solve the issue, I removed;

• trust: from <trust:SecondaryParameters>
• wsid: from <wsid:ClaimType>

After the changes, the code looked like this:

<tokenRequestParameters>
  <SecondaryParameters xmlns:trust=http://docs.oasis-open.org/ws-sx/ws-trust/200512>
    ...
    <trust:Claims Dialect=http://schemas.xmlsoap.org/ws/2005/05/identity xmlns:trust=http://docs.oasis-open.org/ws-sx/ws-trust/200512>
      <ClaimType Uri=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name Optional="true" xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
      <ClaimType Uri=http://schemas.microsoft.com/ws/2008/06/identity/claims/role Optional="true" xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
      <ClaimType Uri=http://schemas.wolterskluwerfs.com/ws/2012/09/identity/claims/effectiverootorg xmlns:wsid=http://schemas.xmlsoap.org/ws/2005/05/identity/>
    </trust:Claims>
    ...
  </SecondaryParameters>
</tokenRequestParameters>

After changing the web.config, please make sure to test your application.

The post 0xC00CEF03 error (Cannot use prefix with empty namespace URI) appeared first on port135.com.

If you test your website’s speed by using Google PageSpeed Insight tool, you may come across this common warning about possible delays: “Ensure text remains visible during webfont load. Leverage the font-display CSS feature to ensure test is user-visible while webfonts are loading”

The warning section will also show you the font URLs as you will see in the screenshot below.

If you are using a caching and performance testing plugin like Humminbird, you may see this warning in their reports as well:

Basically, this warning says that there is no alternative font specified if it takes too long to fetch the actual font you want to use. Google has a wealth of information about this warning on this page.

Solution for “Ensure text remains visible during webfont load” in GeneratePress

If you are using GeneratePress theme, you can easily fix this warning by following the steps below.

1. In WordPress admin panel, go to Appearance > Theme Editor
2. From the list “Theme Files” on the right side, select functions.php
3. Add the code below to the end of the file and click “Update File“

add_filter( 'generate_google_font_display', function() {
    return 'swap';
} );

If you update your theme in the future, make sure to add these lines again after the update.

The post Fix for “Ensure text remains visible during webfont load” in GeneratePress appeared first on port135.com.

If some users can’t access a web application because of timeout errors, start by drawing the big picture. From the client machine to the IIS server, what devices or servers are on the way? On an issue I worked at, there was F5 load balancer in between and it was rejecting responses from IIS because of the “Invalid Content-Length” and “Server sends too much data” errors.

In F5 logs, this is what we saw (I replaced the IP addresses with X.X.X.X):

Jul 10 08:50:30 LB.domain.com err tmm[20799]: 011f0016:3: http_process_state_prepend - Invalid action:0x10a010 Server sends too much data. serverside (X.X.X.A:443 -> X.X.X.B:55824) clientside (X.X.X.C:55824 -> X.X.X.D:443) (Server side: vip=/Common/application profile=http pool=/Common/ application server_ip=X.X.X.A)

Enable “Bytes Sent” and “Bytes Received” columns in IIS Logging to record the size of the incoming requests and outgoing responses into IIS logs.

After checking IIS logs, I saw some requests and responses as big as 1.3MB!

2021-07-21 15:33:20 X.X.X.X POST /wa/1/289 – 443 – 
X.X.X.X Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64) https://domain.com/wa/1 200 0 0 1313596 3802 3203 –

2021-07-21 19:02:24 X.X.X.X POST /wa/5/5 – 443 – 
X.X.X.X Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64) https://domain.com/wa/5 200 0 0 400227 3805 1132 –

For more information about the requests and responses, I enabled Failed Request Tracing and also collected Fiddler trace.

Cause

Load balancers may reject responses from IIS if the responses don’t comply with RFC specifications. In this case, responses were rejected because of two incompatibilities:

• Responses with 204 status code contained message body. However, RFC 7231, § 6.3.5 says:

A 204 response is terminated by the first empty line after the header fields because it cannot contain a message body.

• There was a value in the Transfer-Encoding header (The value was “chunked”). RFC 7230, § 3.3.1 says:

A server MUST NOT send a Transfer-Encoding header field in any response with a status code of 1xx (Informational) or 204 (No Content)

Because of these compliance issues, the load balancer was rejecting responses coming from IIS. These issues were apparent in the Fiddler trace as well:

== Server Response ==
HTTP/1.1 204 No Content
Cache-Control: no-cache
Pragma: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked <*** Not RFC compliant ***>
Expires: -1
Server: Microsoft-IIS/10.0
X-FourJs-Server: GAS/2.50
X-Powered-By: ASP.NET
<*** There shouldn't be values after this point. Not RFC compliant ***> 
HTTP/1.1 204 No Content
Cache-Control: no-cache
Pragma: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Expires: -1
Server: Microsoft-IIS/10.0
X-FourJs-Server: GAS/2.50
X-Powered-By: ASP.NET

IIS is designed to be compliant with W3C standards. However, third-party modules may alter responses and cause them to conflict with standards. This is what happened in this case. In the Failed Request Tracing log, we saw that a third-party module was adding “chunked” value to the Transfer-Encoding header.

Solution for the “Invalid Content-Length” and “Server sends too much data” errors

IIS is a carrier in this scenario. It gets the pieces from the third-party component and sends them to the client through the load balancer.

Since the issue was caused by a third-party component, you should contact their support with the findings above. It’s expected for them to make changes in their component to make it RFC compliant.

Note: If you are using F5 load balancer and running into these errors, please check their official documentation on this page.

The post “Invalid Content-Length” and “Server sends too much data” errors appeared first on port135.com.

Math is everywhere around us, its laws describe the universe we live in plus it makes our life easier in so many areas like construction, engineering, or even astrophysics. We see it as a blueprint of time and space that surrounds us, like a Matrix code that magically holds everything in place. Its complicated equations sometimes resemble those mysterious Egyptian hieroglyphs that hold ancient secrets that we need to decipher. Luckily for us, today we have advanced math learning software that we can use for solving complicated problems even if we are not certified math geniuses. This software constantly evolves and is becoming more accessible for anyone, thus making mathematics more understandable to regular people. 

New Software For The New Age

We live in an age of modernization where every aspect of our life is intertwined with modern technology and the latest software solutions. Understanding some basic math software like Photomath is becoming a necessity nowadays for doing any kind of work in engineering or architecture. Apps like Photomath recognizes math equations by cam scanning or Geogebra that makes geometry learning easier on any level help future experts fall in love with mathematics. With Geogebra 3d modeling has never been so much fun while Mathcad will help engineers refine their calculations to perfection in just a few clicks. With software like this college students can easily comprehend seemingly complex theories or equations and learn more with less effort.

Every student who is struggling with algebra or geometry has support in this new software which is more valuable than any classor a written textbook. Those who are seeking geometry questions and answers and wish to solve trigonometric functions can master the basics more rapidly with apps like Geogebra or xFunc. With basics out of their way, studentscan dedicate themselves to seeking higher knowledge and focus their energy on bigger and more challenging problems. This way, modern software is facilitating learning by helping future engineers or developers to digest knowledge more easily.

Free Knowledge For Everyone

Knowledge is power so making it freely accessible to anyone is paramount in a modern society like ours. Each university stands as a bastion of higher education but more and more basic knowledge is offered free via the Internet or free software. Even more complicated issues of geometry, algebra, or coding are becoming available online as our knowledge fund grows in volume. What used to be hard or complicated is free and comprehensible today. That is the sign of progress and we can only imagine the level of math learning software that will be available for future students in just a few decades.

Math Is The Future

Our whole world is made of numbers or equations that describe it and we are constantly refining our knowledge of laws that govern the Universe. We translate them into formulas or we make software that helps us with complicated calculations that our brain just can’t compute on its own. If you thought that your high school math exam is difficult try solving MIT basic Analytic Geometry exam to see how far we came in our understanding of this science. Many students would have difficulties comprehending today’s curriculum without some basic math software that we use today. There are so many unanswered questions that we hope to figure out with the use of these amazing apps in the future.

It doesn’t take a master’s degree in Mathematics to solve complicated problems anymore as students have an array of free math tools available for them. Thanks to modern technology and the latest generation of portable devices anyone can start learning math even with no prior knowledge. With this modern approach and today’s apps available, it is like getting some free math education while having fun at the same time. The implications of popularizing this science are endless as everyone’s learning curve just drops down, as a result, making each student more interesting in algebra or arithmetic. What is certain is that even those who hate algebra will enjoy the latest math software for students which will make their exams and tiresome homework much easier to digest. 

The post The Class Of Future: Math Software In Learning appeared first on port135.com.

Seeing the 400 status code in IIS logs is rare but it’s good to know why it happens and what to do when it happens.

A sample IIS log with 400 status:

2021-09-20 09:16:32 172.13.1.8 POST /Page.asmx - 8081 - 172.26.7.31 SAP+NetWeaver+Application+Server+(1.0;754) - 400 0 64 125858

400 Status Code

400 status means “Bad Request”. So this is not a server-side issue. There is something wrong with the request. Is not well-formed before reaching to IIS

If the substatus code was something other than 0, it would be easier to troubleshoot. For example, If it was 1, it would mean “Invalid Destination Header”. If it was 2, that would mean “Invalid Depth Header”. Here is the full list of status codes.

Value 64 in sc-win32-status

Code 64 in IIS logs points out a network-related issue. It refers to “The specified network name is no longer available”. After sending the response, IIS waits for ACK package from the client. If the client resets the connection instead of sending this package, IIS logs 64 code since it’s not a graceful connection close.

Additionally, note the time-taken value which is 125 seconds (Mostly likely, it’s the result of the request not being processed within the default IIS time out ~ 120 seconds).

Recommendations

For 400.0.64 scenario, check HTTPERR logs. In the server I troubleshoot, it showed Timer_EntityBody error for the same timestamp:

2021-09-20 09:16:32  172.26.7.31  46342 172.13.1.8 8081 HTTP/1.1 POST /Page.asmx - - 2 Timer_EntityBody SAP_Update

Timer_EntityBody error means “The connection expired before the request entity body arrived”. It looks like either the client is not sending the full request or the request is being held on the way (possible network issues).

Recommendations:

• Check if there are software like antivirus or network endpoint protection in the server. Uninstall them and monitor the system for a while to see if the issue occurs again (Note: disabling them sometimes doesn’t mean they don’t run in the background anymore. Uninstalling is the ultimate way of eliminating them from the troubleshooting process)
• Work with the third-party product support to see if there is anything blocking the requests to be fully sent. Application might be initiating the connection but not completing it
• Check with your Networking team to analyze the network between the web server and client. Ideally, a network trace would be very helpful

The post Status Code 400 with 64 in sc-win32-status column appeared first on port135.com.

InvalidCastException occurs when the conversion of an instance type to another is not supported. For example, if you try to convert a Char type to DateTime, it will result in InvalidCastException.

For an application I troubleshoot, this was the stack trace of the error:

System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.InvalidCastException: [A]ASP.common_master cannot be cast to [B]ASP.common_master. Type A originates from 'App_Web_2th3e42t, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' in the context 'Default' at location 'D:\local\Temporary ASP.NET Files\root\dfgdf\3gdfgdf\App_Web_2th3rt2t.dll'. Type B originates from 'App_Web_grzmaoii, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' in the context 'Default' at location 'D:\local\Temporary ASP.NET Files\root\dfgdf\3gdfgdf\App_Web_grzmaoii.dll'.
at ASP.login_index_aspx.get_Master()
at ASP.login_index_aspx.__RenderclpJSscript(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)
at ASP.zh_include_common_master.__RenderbodyNode(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)

Solution

Review your code to find out what conversions are being made and which one might be causing the exception. If the problematic conversion is not easy to find, set up automatic dump collection to create a dump file at the time this exception is thrown. The dump file should tell what the values were when the cast exception occurred.

In some rare cases, InvalidCastException might be solved by

1. Deleting the temporary ASP.NET compiled folder after compilation
2. Using a different DLL file for the each user control
3. Using staging slot to deploy code and swapping into production slot
4. Removing circular dependencies in user controls

The post InvalidCastException breaking the web application (302 status code) appeared first on port135.com.

When you try to connect an FTP site hosted in IIS, you may come across this error message in Command Prompt: “Connection closed by remote host”.

In a third-party FTP client, this message may show up for the same issue:

Connection failed. FlowSocketConnector: Failed to conect to target address. Windows error 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
The SSH session has been terminated

For the environment I troubleshot, this issue started occurring after migrating the FTP site from Windows Server 2008 to 2016.

Troubleshooting

Since this is a server-side issue, I’d recommend checking the Event Viewer logs first. For the server I worked on, I saw these error messages in Event Viewer:

Event ID 10
An error has occurred: The configuration section ‘system.ftpServer/security/authentication’ cannot be read because it is missing a section declaration

There were two warnings that followed the event above:

Event ID 12
Unable to find schema for config section ‘system.xaml.hosting/httpHandlers’. This section will be ignored

Event ID 12
Unable to find schema for config section ‘system.serviceModel/client’. This section will be ignored

Additionally, IIS Manager showed this error:

There was an error while performing this operation. Filename: applicationHost.config. Error: Cannot add duplicate collection entry of type ‘add’ with combined key attributes ‘users, roles, permissions’ respectively set to ‘*, Read’

Solution for FTP error “Connection closed by remote host”

The root cause of the FTP issue was this missing line in the applicationHost.config file:

<section name="authentication" overrideModeDefault="Deny" />

FTP started working after adding the line.

This line was missing because it didn’t exist in the Windows Server 2008 server. It was there in Windows Server 2016 machine but once the site configuration is migrated using Web Deploy from 2008 to 2016 server, the line was removed.

The post FTP error “Connection closed by remote host” appeared first on port135.com.

When you try to access a website, the browser may display “Page not found” error. This error is misleading in certain situations. In order to find the root cause, use Failed Request Tracing (FREB) feature in IIS.

In the server I worked on, this is what FREB log file showed:

MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName: IIS Web Core
Notification: MAP_REQUEST_HANDLER
HttpStatus: 404
HttpReason: Not Found
HttpSubStatus: 4
ErrorCode: The system cannot find the file specified (0x80070002)

Solution for 404.4 Status Code (The system cannot find the file specified)

HTTP status code 404 with substatus code 4 occurs when there is something wrong with the StaticFile module. In order to solve this issue, uninstall and install Static File feature through Server Manager.

If you are using ARR and still seeing this error, make sure the Proxy is enabled at “Application Request Routing Cache > Proxy” windows in IIS.

The post 404.4 Status Code (The system cannot find the file specified) appeared first on port135.com.