IIS ASP.NET无法加载资源:服务器随机响应403()的状态
my website is hosted on iis 10
Since my pages change frequently I have inserted this in the headers:
缓存控制:无循环,无存储,必须重新定位PRAGMA:No-Cache到期:0
执行此操作后,我所有的页面都有不加载的资源。
我认为问题已经存在,但是在缓存中拥有资源,我没有注意到它。
Failed to load resource: the server responded with a status of 403 ()
在服务器上的查看器中,我看到了这些错误:
The description for Event ID 1 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: [client 207.46.13.73] ModSecurity: collection_retrieve_ex: Unable to retrieve collection (name "ip", key "207.46.13.73_4f1ba30e7e0a1348a60fa661e5bb8b958e7f7aa5"). Use SecDataDir to define data directory first. [hostname "VULTR-GUEST"] [uri "/"] [unique_id "12105675809109317484"]
因此
The Application Host Helper Service encountered an error trying to delete the history directory 'C:\inetpub\history\CFGHISTORY_0000000214'. The directory will be skipped and ignored. Note that the directory may still get deleted in the future if the service restarts. The data field contains the error number.
我试图禁用modsecurity,但是问题并没有消失。事件视图中没有更多的错误。
令人惊讶的是,每次我刷新页面(CTRL + F5)时,封锁的资源都会发生变化。有时有些图像,另一些图像有些CS,其他字体等。
他们总是更改,它上传了它以前没有上传的图像,并且没有上传之前上传的图像。
我已经检查了一切,但我不明白发生了什么。问题存在于所有设备中。
唯一的特别是我在web.config
中使用cors 我不知道它是否相关。
<cors enabled="true" failUnlistedOrigins="true">
<add origin="https://example.com" allowed="true" allowCredentials="true" maxAge="120" />
<add origin="https://*.example.com" allowed="true" allowCredentials="true" maxAge="120" />
</cors>
我联系了支持,但他们也不知道该怎么办。
你有什么想法吗?
谢谢
卢卡
my website is hosted on iis 10
Since my pages change frequently I have inserted this in the headers:
cache-control: no-cache, no-store, must-revalidatepragma: no-cacheexpires: 0
After doing this all my pages have resources that don't load.
I think the problem was already there, but having the resources in the cache I didn't notice it.
Failed to load resource: the server responded with a status of 403 ()
In the Event Viewer on the server I saw these errors:
The description for Event ID 1 from source ModSecurity cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer. If the event originated on another computer, the display information had to be saved with the event. The following information was included with the event: [client 207.46.13.73] ModSecurity: collection_retrieve_ex: Unable to retrieve collection (name "ip", key "207.46.13.73_4f1ba30e7e0a1348a60fa661e5bb8b958e7f7aa5"). Use SecDataDir to define data directory first. [hostname "VULTR-GUEST"] [uri "/"] [unique_id "12105675809109317484"]
and
The Application Host Helper Service encountered an error trying to delete the history directory 'C:\inetpub\history\CFGHISTORY_0000000214'. The directory will be skipped and ignored. Note that the directory may still get deleted in the future if the service restarts. The data field contains the error number.
So I tried to disable ModSecurity, but the problem didn't go away. There are just no more errors in the EventViewer.
The amazing thing is that every time I refresh the page (ctrl + F5) the blocked resources change. Sometimes some images, others some css, others the fonts etc.
They always change, it uploads the images that it did not upload before and it does not upload the images it had uploaded before.
I had checked everything, but I don't understand what is happening. The problem exists in all devices.
The only particular thing is that I use CORS in the web.config
I don't know if it's relevant.
<cors enabled="true" failUnlistedOrigins="true">
<add origin="https://example.com" allowed="true" allowCredentials="true" maxAge="120" />
<add origin="https://*.example.com" allowed="true" allowCredentials="true" maxAge="120" />
</cors>
I contacted support, but they also don't know what to do.
Do you have any ideas?
Thanks
Luca
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
Microsoft Internet信息服务中的超文本传输协议(HTTP)状态代码说:
因此,我将其增加到200毫秒中的50个电话,该网站再次开始工作。
The Hypertext Transfer Protocol (HTTP) status codes in Microsoft Internet Information Services says:
So I increased it to 50 calls in 200 milliseconds and the site started working again.