IIS

IIS receives too many requests from the user-agent Edge+Health+Probe

IIS logs each and every request into its log file. You may see excessive amount of requests in this file when there is an increased traffic to your site, an Denial-of-Service (DoS) attack, frequent health probes (such as Edge+Health+Probe) or any other similar causes.

In my case, the server was receiving too many requests caused by Edge+Health+Probe user-agent. Here is the sample IIS log:

2019-03-11 02:26:31 TESTWEBAPP GET / X-ARR-LOG-ID=0d171ca8-3692-4453-b9a6-268ef242d0c6 443 – 147.243.84.201 Edge+Health+Probe – – testwebapp.azurewebsites.net 401 71 2147500037 560 793 15

2019-03-11 02:26:31 TESTWEBAPP GET / X-ARR-LOG-ID=c932aeb2-1a84-4ccc-b61f-fb99d560b494 443 – 147.243.132.12 Edge+Health+Probe – – testwebapp.azurewebsites.net 401 71 2147500037 560 793 15

2019-03-11 02:26:32 TESTWEBAPP GET / X-ARR-LOG-ID=1c3cd4f9-6b9e-4313-9ed4-159411ec0d08 443 – 147.243.3.172 Edge+Health+Probe – – testwebapp.azurewebsites.net 401 71 2147500037 560 791 18

2019-03-11 02:26:32 TESTWEBAPP GET / X-ARR-LOG-ID=2cc8de45-606f-4ce7-88a0-c20cd9c4bef6 443 – 147.243.68.76 Edge+Health+Probe – – testwebapp.azurewebsites.net 401 71 2147500037 560 791 15

(Solved) No installed debugger has Just-In-Time debugging enabled

After installing Office 2016 in a server with SharePoint 2016, you may come across to “No installed debugger has Just-In-Time debugging enabled” error while visiting http://localhost in your browser.

The entire error message is below:

An unhandled win32 exception occurred in w3wp.exe [1472]. Just-In-Time debugging this exception failed with the following error: No installed debugger has Just-In-Time debugging enabled.

Background

After analyzing DebugDiag dump, we found that an ISAPI Extension (OWSSVR) which is a library for SharePoint Team Services caused the issue. This library got affected by Office installation.

“Value does not fall within the expected range” issue (Solved)

IIS applications run on application pools. Application pools receive requests and process them based on the settings defined. One of the settings is application pool identity. This is the account that runs application pool and perform required tasks. You may come across to this error message while trying to set a custom account as application pool identity: “Value does not fall within the expected range.

This error occurs only if you are specifying a custom account and not using any predefined accounts such as ApplicationPoolIdentity or NetworkService.

The exact error message:

There was an error while performing this operation. Details: Value does not fall within the expected range.

9 Easy and Practical Recommendations to Improve IIS Performance

IIS hosts millions of websites around the world. Thanks to IIS Manager, it is easy to create and manage websites. Websites use default functional and performance settings which are efficient most of the time. However, you may want to fine-tune IIS performance for specific applications and cases.

Fine-tuning IIS Performance

In this post, I will explain 8 recommendations that potentially improves IIS performance. Most of the recommendations are compatible with IIS 7.0 and newer versions with a few exceptions. I will mention the exceptions in their respective section.

Recommendation areas:

  1. Output Caching
  2. Application Initialization
  3. Default Document
  4. HTTP keep-alive
  5. Cache-control Header
  6. Idle Time-out Action
  7. Dynamic Compression
  8. and 9. Other options (Queue Length, Enable 32-bit Applications)

Solved: 503 Service Unavailable error related to Windows Admin Center

Windows Admin Center is a web application that makes it easier to manage multiple servers via multiple Microsoft tools such System Center, RSAT, Intune, and PowerShell. If you install Windows Admin Center in an IIS server, you may come across “503 Service Unavailable” error.

Note: This post explains 503 error related to Windows Admin Center only. If the root cause is not this product, check this post out: HTTP 503 Service Unavailable (Application pool has been disabled)

What is Centralized Certificate Store (CCS) and how to use it?

CCS (Centralized Certificate Store) is feature we started using after IIS 8. It allows IIS to pick up website certificates from a network share instead of the local certificate store. For environments with multiple IIS servers, this is a feature that makes system administrators’ lives a lot easier. All you need to do is to add an IIS binding that points to CCS.

There are two steps to use CCS:

  1. Configure IIS to use CCS (a server-level setting in IIS)
  2. Add an IIS binding to your website. You can do it by
    • Using IIS Manager OR
    • Using PowerShell

(Solved) The directory specified for caching compressed content is invalid. Static compression is being disabled

I have come across to “Static compression is being disabled” error message in Event Viewer while reviewing logs for a web server. This error didn’t cause any user-side issue but it kept being flagged by SCCM.

Here is the Event 2264 with the entire error description:

The directory specified for caching compressed content C:\inetpub\temp\IIS Temporary Compressed Files\domain.com is invalid. Static compression is being disabled

Event 2264 - Static compression is being disabled
Event 2264 – Static compression is being disabled

Root Cause Analysis for CryptographicException (The data is invalid) error

When a cookie is empty and corrupt, users may run into intermittent access issues to your website. IIS may record CryptographicException (The data is invalid) error to Event Viewer for this issue. Since the issue is intermittent, there may not be a need for immediate solution. However, a root cause analysis can provide valuable information and clues to prevent future occurrences.

Here is the key part of the error message from the Application container in Event Viewer:

Event code: 3005
Event message: An unhandled exception has occurred.
Trust level: Full
Process name: w3wp.exe
Exception type: CryptographicException
Exception message: The data is invalid.
at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at System.IdentityModel.ProtectedDataCookieTransform.Decode(Byte[] encoded)

CryptographicException (The data is invalid) error
CryptographicException (The data is invalid) error in Event Viewer