If your web application has dependency on the System.Net.Http Nuget package, it may break after you upgrade .NET Framework version to 4.7.2 or a newer version. This issue occurs if you are using Visual Studio 15.5 or a higher version.
IIS
w3wp.exe is Suspended after dump collection
After collecting a dump file by using DebugDiag, you may see w3wp.exe process Suspended in the Resource Monitor. This is a known issue with the new version of DebugDiag and it’s a UI problem. The process is actually functional (IIS is able to server websites).
BadImageFormatException: Bad method token
If you are using AppDynamics version 4.5.17 or lower and receiving “BadImageFormatException: Bad method token” error while trying to access your application hosted on IIS, please update your AppDynamics to mitigate a known issue.
The missing Server Hello in TLS handshake (ERR_SSL_PROTOCOL_ERROR)
For TLS communication to be successful, a client machine makes a request to IIS server over TLS by sending Client Hello package first. Then the server is supposed to respond it with Server Hello package. What if the server is not sending Server Hello package?
Vulnerability “Disable HTTP OPTIONS Method for IIS”
Penetration tools may alert if IIS server is accepting requests with HTTP OPTIONS method. This is because the response to these requests may reveal what other methods are supported by the web server.
Vulnerability “Remove the default page or stop/disable the IIS server”
Penetration tools may raise an alarm if the default IIS page is still available in your server. This page comes by default when you install Web Server role.
w3wp service is missing for counters in Performance Monitor
Performance Monitor is an easy-to-use tool to record and monitor performance metrics. If you would like to measure IIS performance, you will need to add w3wp as an instance to your counter. What if there is no w3wp instance in the list?
Missing certificate in IIS binding (CertUtil and Private Keys)
Missing certificate is one of the common issues related to IIS binding settings. If you add a certificate to Server Certificates in IIS but you don’t see it in the binding window, there are two things to check first:
- Check if the certificate you added to “Server Certificates” is the one you created a “Certificate Request” for. If you added a certificate that wasn’t requested in “Server Certificates”, it won’t show up in IIS binding window even though it appears in “Server Certificates” list
- The most common cause of this issue the missing private key in the certificate. Follow the steps below to rebind the primary key to the certificate.
500 Internal Server Error if the full path is not entered (0x80070542)
500 Internal Server Error is one of the most common IIS server errors I see daily basis. Most of the time, a coding or configuration issue causes this error.
In a case I have recently worked on, the page was displaying the error below if the user tries accessing the root of the application. There were no issues if they enter the full path.