If a web browser starts loading the web page but it never finishes loading it, look for the resources being loaded and the debug errors in F12 Developer Tools.
If the page has an iframe, try testing the page after removing the iframe. If it works without the iframe, then look for further leads to narrow the issue down.
500 Internal Server Error is one of the most common IIS server errors I see daily basis. Most of the time, a coding or configuration issue causes this error.
In a case I have recently worked on, the page was displaying the error below if the user tries accessing the root of the application. There were no issues if they enter the full path.
Every once in a while, I come across an issue where the IIS binding is deleted unexpectedly or the SSL certificate in the IIS binding is replaced or removed for some reason. In one of these cases, I saw “SSL Certificate Settings deleted for endpoint” warning message in Event Viewer:
Event ID 15300 (HttpEvent)
SSL Certificate Settings deleted for endpoint
If you want to test ASP.NET functionality in a web server, feel free to use the code below. This is the easiest way of making sure IIS can render ASPX pages.
Especially after a new installation of IIS role in a server, you may notice that your browser returns “404 Page Not Found” error if you try to visit ASP.NET pages. Files exist and the URL is correct. What to do in this situation?
Due to the company policies, many developers don’t have Administrator rights on the machines they use for development. Microsoft released IIS Express to allow these developers load and run projects in Visual Studio without Administrator rights.
If your project is somehow not compatible with IIS Express and you want to run it on Local IIS without Administrator rights on the machine, try the two workarounds below. They are not guaranteed to work but you may save a lot of time if they do work.
IIS websites use all the available CPU power by default. There are application pool settings you can play around if you want to limit the CPU usage or you want to assign specific processors to specific websites.
TLS (Transport Layer Security) is a cryptographic protocol to provide secure communications over networks. IETF (Internet Engineering Task Force) built TLS on the SSL (Secure Socket Layer) specification which is now deprecated. Over the time, IETF release TLS versions 1.0, 1.1, 1.2, and 1.3.
SameSite cookie prevents cross-site request forgery (CSRF) attacks by restricting the usage of third-party resources in web applications. Resource examples are the URLs in GET, POST, link, iframe, Ajax, image etc. If a URL is different than the actual web application’s URL, it means that it’s a third-party resource.