IIS App Offline for even HTML Pages

Posted: August 9, 2013 in Asp.net, IIS
Tags: ,

Hello all

A lot of you have probably had problems setting up complete unavailability of your public web site running the Agile Platform on IIS; for example, to run Maintenance tasks.

Sure, if you want to put one individual application offline you can use the Put Offline option in Service Center, but what if you want to bring everything down?

Or what if you are using a older version of the Agile Platform (6.0-) with out the Put Offline option?

At IIS level there are multiple ways to cut access to an application. My prefered way is to use a trick based on the 403.6 error – that means creating a list of IP that are allowed to access and leave the others out.

In this scenario I will only allow 127.0.0.1 to pass through – this will give me the option to access the apps and Service Center when logged on the server to confirm that things are working after the maintenance is complete.

This is how it is done.

Prepare the server

This is something you do only once in each server to prepare it.

1. Create an HTML maintenance page, and save it somewhere. The simplest HTML content you may use is something like:

         <html><body><p>This server is under maintenance</p></body></html>

Save it in a file in the server – I suggest C:\Inetpub\wwwroot\maintenance.html

2. Now create the custom error page for the 403.6 error to point to this page:

3. Add a default “allow entry” for 127.0.0.1. For this, go to IP Address and Domain Restrictions: 

4. Finally fix a setting in ApplicationHost.Config that prevents you from using absolute paths in error pages. For this, open a Notepad (right-click, Run As Administrator), open file C:\Windows\System32\InetSRV\Config\ApplicationHost.config, locate the tag <httpErrors and add attribute allowAbsolutePathsWhenDelegated=”true”.

For this step, make sure to make a backup copy of the file before any editing.

Put the server offline

When you want to put your server offline you need to go back to IP Address and Domain Restrictions.

Here, choose Edit Feature Settings and switch the default to Deny:

When you do this, immediately all accesses to your IIS from outside the server will produce this result:

But you will still be able to access from inside the machine (and timers continue to run, and etc).

Bring the server back online

For this, simply revert the  IP Address and Domain Restrictions – from Deny to Allow.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s