URLSCAN 3.0 problem ("Invalid index.")
I have URLSCAN 3.0 installed on a 32-bit Win2003+SP2 IIS server, and if the
URLSCAN.INI file includes the following:
Then it works fine, but if I uncomment the Max-Content-Type line (or add any
other Max-* request header lines) then URLSCAN rejects every single request
with an "Invalid index" error message in the returned in HTML, and does so
without logging anything to the URLSCAN.LOG file either.
- URLScan Update
... I have received a lot of feedback regarding my earlier post about URLScan. ... I opened a ticket with Microsoft support. ... I also invited him to present a scenario when an IIS server ... RejectResponseUrl or allow IIS to log the request ...
- Re: URLScan Rejects header "transfer-encoding:"
... URLScan may block this type of request. ... "I really did not want to reconfigure the URLScan just to accomodate a JDK ... cause vulnerabilities on your server. ... configuration as you see fit and we provide the information to do this. ...
- URLScan detection
... Product: URLScan ... URLScan can be detected on IIS servers by the way it responds to HEAD ... When a bad URL is rewritten it is changed to the GET request type. ... Server: Microsoft-IIS/5.0 ...
- Re: What is the URLScan Rejection Response?
... You can customize the response that UrlScan sends when it rejects a request. ... page contain your own custom code to run when UrlScan rejects a request. ... RejectResponseUrl in the UrlScan.doc file. ...
- Re: About http method trace track options in IIS4
... I doubt URLScan will have any noticable affect on the performance of your ... "translate:" header because it sometimes causes lots of urlscan logging you ... request. ... of allowed parts of requests reaching the server. ...