1. [Log Locations](#log-locations)
2. [Common HTTP Error Codes](#common-http-error-codes)
3. [GUI Troubleshooting Methods](#gui-troubleshooting-methods)
4. [PowerShell Troubleshooting Methods](#powershell-troubleshooting-methods)
---
C:\inetpub\logs\LogFiles\W3SVC1 (where 1 = site ID)- GUI: IIS Manager → Sites → [YOUR_SITE_NAME] → double-click "Logging" icon → Directory path shows location
- PowerShell: gwc "system.webserver/httpLogging" "IIS:\Sites\[SITE]"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files---
Common Causes: URL too long, malformed headers, invalid characters in request
GUI Troubleshooting:
1. Open IIS Manager → Start Menu → type "IIS Manager" → Enter
2. Navigate to site → Expand server name → Expand "Sites" → Click [YOUR_SITE_NAME]
3. Check Request Filtering:
- Double-click "Request Filtering" icon in main panel
- Click "Edit Feature Settings" in right panel
- Check "Maximum URL length" and "Maximum query string" values
4. Check Request Limits:
- In Request Filtering → "Request Limits" tab
- Check "Maximum allowed content length"
PowerShell Debugging:
# Check request limits
gwc "system.webserver/security/requestFiltering/requestLimits" "IIS:\Sites\[SITE]"
# URL length limit
(gwc "system.webserver/security/requestFiltering/requestLimits" "IIS:\Sites\[SITE]").maxUrl
---
Common Causes: Wrong credentials, authentication not configured, app pool identity issues
GUI Troubleshooting:
1. Check Authentication Methods:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Authentication" icon
- Location: Main panel shows all auth methods (Anonymous, Windows, Forms, etc.)
- Right-click method → "Enable" or "Disable"
2. Check Application Pool Identity:
- IIS Manager → Click "Application Pools" in left panel
- Find [YOUR_APP_POOL_NAME] → Right-click → "Advanced Settings"
- Location: "Process Model" section → "Identity" field shows current identity
- Click "..." button to change identity
3. Check NTFS Permissions:
- Windows Explorer → Navigate to [YOUR_WEBSITE_FOLDER]
- Right-click folder → "Properties" → "Security" tab
- Verify "IIS_IUSRS" and your app pool identity have "Read & Execute" permissions
PowerShell Debugging:
# Check enabled auth
gwc "system.webserver/security/authentication/*" "IIS:\Sites\[SITE]" | ?{$_.enabled}
# App pool identity
(Get-IISAppPool [POOL]).ProcessModel.IdentityType
(Get-IISAppPool [POOL]).ProcessModel.UserName
# NTFS perms
(gacl [PATH]).Access | ?{$_.IdentityReference -like "*IIS_IUSRS*"}
---
Common Causes: NTFS permissions, directory browsing disabled, IP restrictions, SSL required
GUI Troubleshooting:
1. Check Directory Browsing:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Directory Browsing"
- Location: "Actions" panel on right → Click "Enable" if needed
2. Check IP Restrictions:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "IP Address and Domain Restrictions"
- Location: Main panel shows allowed/denied IPs
- "Actions" panel → "Add Allow Entry" or "Add Deny Entry"
3. Check SSL Requirements:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "SSL Settings"
- Location: "Require SSL" checkbox and "Client certificates" options
4. Check Default Document:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Default Document"
- Location: Main panel shows list of default documents (index.html, default.aspx, etc.)
PowerShell Debugging:
# Directory browsing
(gwc "system.webserver/directoryBrowse" "IIS:\Sites\[SITE]").enabled
# IP restrictions
gwc "system.webserver/security/ipSecurity" "IIS:\Sites\[SITE]"
# SSL settings
gwc "system.webserver/security/access" "IIS:\Sites\[SITE]"
# Default docs
gwc "system.webserver/defaultDocument/files" "IIS:\Sites\[SITE]"
---
Common Causes: File doesn't exist, handler not configured, routing issues
GUI Troubleshooting:
1. Verify File Exists:
- Windows Explorer → [YOUR_WEBSITE_PHYSICAL_PATH]
- Check if requested file actually exists
2. Check Handler Mappings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Handler Mappings"
- Location: Main panel shows all handlers (.aspx, .php, .html, etc.)
- Look for handler matching your file extension
3. Check MIME Types:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "MIME Types"
- Location: Main panel shows file extensions and MIME types
- "Actions" panel → "Add" to add missing MIME type
PowerShell Debugging:
# File exists?
Test-Path "[PATH]\[FILE]"
# Handlers
gwc "system.webserver/handlers" "IIS:\Sites\[SITE]"
# MIME types
gwc "system.webserver/staticContent" "IIS:\Sites\[SITE]"
# URL rewrite (if installed)
gwc "system.webserver/rewrite/rules" "IIS:\Sites\[SITE]"
---
Common Causes: HTTP verb not allowed (POST to static file, GET to POST-only endpoint)
GUI Troubleshooting:
1. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: "HTTP Verbs" tab shows allowed/denied verbs
- "Actions" panel → "Allow Verb" or "Deny Verb"
2. Check Handler Mappings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Handler Mappings"
- Location: Double-click handler → "Request Restrictions" button → "Verbs" tab
PowerShell Debugging:
# Check verb restrictions
gwc "system.webserver/security/requestFiltering/verbs" "IIS:\Sites\[SITE]"
# Handler verb restrictions
gwc "system.webserver/handlers" "IIS:\Sites\[SITE]" | select name,verb,path
---
Common Causes: Client's Accept header doesn't match server's content types
GUI Troubleshooting:
1. Check MIME Types:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "MIME Types"
- Location: Main panel shows registered MIME types
- Add missing content type that client expects
PowerShell Debugging:
# List MIME types
gwc "system.webserver/staticContent" "IIS:\Sites\[SITE]" | select fileExtension,mimeType
---
Common Causes: Client took too long to send complete request
GUI Troubleshooting:
1. Check Connection Timeout:
- IIS Manager → Sites → [YOUR_SITE_NAME] → "Actions" panel → "Advanced Settings"
- Location: "Connection Timeout" (default 120 seconds)
2. Check Request Timeout (ASP.NET):
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "ASP.NET" (if available)
- Or check web.config httpRuntime executionTimeout
PowerShell Debugging:
# Site connection timeout
(Get-IISSite [SITE]).Limits.ConnectionTimeout
# ASP.NET timeout from web.config
[xml]$config = gc "[PATH]\web.config"
$config.configuration."system.web".httpRuntime.executionTimeout
---
Common Causes: WebDAV conflicts, file locks, resource conflicts
GUI Troubleshooting:
1. Check WebDAV:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "WebDAV Authoring Rules"
- Location: Main panel shows WebDAV rules if module installed
- Disable WebDAV if not needed
PowerShell Debugging:
# Check if WebDAV is installed
Get-WindowsFeature IIS-WebDAV
# WebDAV settings
gwc "system.webserver/webdav" "IIS:\Sites\[SITE]" -ea 0
---
Common Causes: Resource permanently removed, custom application logic
GUI Troubleshooting:
1. Check Custom Errors:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Error Pages"
- Location: Look for custom 410 handling
- Usually handled by application code, not IIS directly
PowerShell Debugging:
# Check if custom 410 page configured
gwc "system.webserver/httpErrors" "IIS:\Sites\[SITE]" | ?{$_.statusCode -eq 410}
---
Common Causes: POST/PUT request missing Content-Length header
GUI Troubleshooting:
1. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: "Request Limits" tab → "Maximum allowed content length"
PowerShell Debugging:
# Content length limits
(gwc "system.webserver/security/requestFiltering/requestLimits" "IIS:\Sites\[SITE]").maxAllowedContentLength
---
Common Causes: Request body exceeds size limits
GUI Troubleshooting:
1. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: "Request Limits" tab → "Maximum allowed content length" (bytes)
2. Check ASP.NET Limits:
- Check web.config for httpRuntime maxRequestLength (KB)
PowerShell Debugging:
# IIS limit (bytes)
(gwc "system.webserver/security/requestFiltering/requestLimits" "IIS:\Sites\[SITE]").maxAllowedContentLength
# ASP.NET limit (KB)
[xml]$config = gc "[PATH]\web.config"
$config.configuration."system.web".httpRuntime.maxRequestLength
---
Common Causes: URL exceeds length limits
GUI Troubleshooting:
1. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: "Edit Feature Settings" → "Maximum URL length" (default 4096)
PowerShell Debugging:
# URL length limit
(gwc "system.webserver/security/requestFiltering/requestLimits" "IIS:\Sites\[SITE]").maxUrl
---
Common Causes: Content-Type not supported by handler
GUI Troubleshooting:
1. Check Handler Mappings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Handler Mappings"
- Location: Verify handler exists for content type
2. Check MIME Types:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "MIME Types"
- Location: Add missing MIME type
PowerShell Debugging:
# Handlers by content type
gwc "system.webserver/handlers" "IIS:\Sites\[SITE]" | select name,path,verb
# MIME types
gwc "system.webserver/staticContent" "IIS:\Sites\[SITE]" | select fileExtension,mimeType
---
Common Causes: Rate limiting, DDoS protection triggered
GUI Troubleshooting:
1. Check Dynamic IP Restrictions (if installed):
- IIS Manager → Server → Double-click "Dynamic IP Restrictions"
- Location: Main panel shows rules for blocking based on request frequency
2. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: Custom rules may limit request frequency
PowerShell Debugging:
# Dynamic IP restrictions
gwc "system.webserver/security/dynamicIpSecurity" "IIS:\" -ea 0
# Custom rate limiting (app specific)
gwc "system.webserver/security/requestFiltering" "IIS:\Sites\[SITE]"
---
Common Causes: Code errors, web.config syntax errors, missing dependencies
GUI Troubleshooting:
1. Enable Detailed Errors (TEMPORARILY):
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Error Pages"
- Location: Find "500" in main panel → Right-click → "Edit"
- Change "Response action" to "Detailed errors" → OK
- IMPORTANT: Change back to "Custom error pages" after troubleshooting
2. Check Application Pool Status:
- IIS Manager → "Application Pools" in left panel
- Location: Find [YOUR_APP_POOL_NAME] → Check "State" column
- If "Stopped" → Right-click → "Start"
3. Check Event Logs:
- Start → "Event Viewer"
- Location: Windows Logs → Application
- Look for recent errors from "ASP.NET" or "IIS"
PowerShell Debugging:
# Enable detailed errors (temp)
swc "system.webserver/httpErrors/error[@statusCode='500']" @{responseMode="Detailed"} "IIS:\Sites\[SITE]"
# App pool status
Get-IISAppPool [POOL] | select Name,State
# Recent errors
gel Application -Source "*ASP.NET*" -Newest 5 | select TimeGenerated,Source,Message
# Config valid?
Test-Path "[PATH]\web.config"
---
Common Causes: App pool crashed, CGI timeout, proxy issues
GUI Troubleshooting:
1. Check Application Pool:
- IIS Manager → "Application Pools"
- Location: Find [YOUR_APP_POOL_NAME] → Check "State" column
- If "Stopped" → Right-click → "Start"
2. Check App Pool Settings:
- Right-click [YOUR_APP_POOL_NAME] → "Advanced Settings"
- Key Settings to Check:
- "Process Model" → "Idle Time-out": Default 20 minutes
- "Recycling" → "Regular Time Interval": Default 1740 minutes
- "Rapid-Fail Protection" → "Enabled": Should be True
3. Check FastCGI Settings (for PHP/other CGI apps):
- IIS Manager → Server level → Double-click "FastCGI Settings"
- Location: Main panel shows configured FastCGI applications
- Double-click entry → Check "Activity Timeout" and "Request Timeout"
PowerShell Debugging:
# App pool status & restart
Get-IISAppPool [POOL]
Restart-WebAppPool [POOL]
# Rapid-fail events
gel System -Source "*WAS*" -Newest 10 | ?{$_.Message -like "*[POOL]*"}
# Worker processes
gwmi Win32_Process -Filter "Name='w3wp.exe'" | select ProcessId,CommandLine
# FastCGI settings
gwc "system.webserver/fastCgi/application" "IIS:\"
---
Common Causes: App pool stopped, overloaded, rapid-fail protection triggered
GUI Troubleshooting:
1. Check Application Pool Status:
- IIS Manager → "Application Pools"
- Location: [YOUR_APP_POOL_NAME] "State" column
- If "Stopped" → Right-click → "Start"
2. Check Rapid-Fail Protection:
- Right-click [YOUR_APP_POOL_NAME] → "Advanced Settings"
- Location: "Rapid-Fail Protection" section
- "Enabled": True/False
- "Failure Count Threshold": Default 5
- "Failure Interval": Default 5 minutes
- If triggered → Right-click app pool → "Start"
3. Check Queue Length:
- In Advanced Settings → "General" section
- Location: "Queue Length": Default 1000
- If too low, increase value
PowerShell Debugging:
# Start app pool
Start-WebAppPool [POOL]
# Rapid-fail status
(Get-IISAppPool [POOL]).Failure
# Reset rapid-fail
Reset-WebAppPool [POOL]
# Queue size
gc "\HTTP Service Request Queues([POOL])\CurrentQueueSize" -ea 0
---
Common Causes: HTTP method not supported, handler missing
GUI Troubleshooting:
1. Check Handler Mappings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Handler Mappings"
- Location: Verify handler exists for requested resource type
- "Actions" panel → "Add Managed Handler" or "Add Script Map"
2. Check Request Filtering:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Request Filtering"
- Location: "HTTP Verbs" tab → Ensure verb is allowed
PowerShell Debugging:
# Available handlers
gwc "system.webserver/handlers" "IIS:\Sites\[SITE]" | select name,path,verb
# Allowed HTTP verbs
gwc "system.webserver/security/requestFiltering/verbs" "IIS:\Sites\[SITE]"
---
Common Causes: Upstream server timeout, CGI/FastCGI timeout, proxy timeout
GUI Troubleshooting:
1. Check FastCGI Timeout (PHP/other CGI):
- IIS Manager → Server level → Double-click "FastCGI Settings"
- Location: Double-click application → "Activity Timeout" and "Request Timeout"
- Increase timeout values if needed
2. Check Application Pool Timeout:
- IIS Manager → Application Pools → [YOUR_APP_POOL_NAME] → Right-click → "Advanced Settings"
- Location: "Process Model" → "Idle Time-out (minutes)"
- "Process Model" → "Ping Enabled" and "Ping Maximum Response Time"
3. Check ARR Proxy (if using Application Request Routing):
- IIS Manager → Server level → Double-click "Application Request Routing Cache"
- Location: "Server Proxy Settings" → "Time-out (seconds)"
PowerShell Debugging:
# FastCGI timeouts
gwc "system.webserver/fastCgi/application" "IIS:\" | select fullPath,activityTimeout,requestTimeout
# App pool timeouts
(Get-IISAppPool [POOL]).ProcessModel | select IdleTimeout,PingInterval,PingResponseTime
# ARR timeout (if installed)
gwc "system.webserver/proxy" "IIS:\" -ea 0 | select timeout
---
Common Causes: Client using unsupported HTTP version (HTTP/2, HTTP/3 issues)
GUI Troubleshooting:
1. Check HTTP/2 Settings:
- Registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
- Location: EnableHttp2Tls and EnableHttp2Cleartext values
- Or use netsh commands
2. Check Site Bindings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → "Actions" panel → "Bindings"
- Location: Verify SSL/TLS settings for HTTPS
PowerShell Debugging:
# Check HTTP/2 registry settings
gp "HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters" -Name EnableHttp2* -ea 0
# Site bindings
Get-IISSiteBinding [SITE] | select Protocol,BindingInformation,SslFlags
---
Common Causes: Disk space full, temp directory full, log directory full
GUI Troubleshooting:
1. Check Disk Space:
- Windows Explorer → Check free space on system drive and website drive
- Location: Right-click drive → "Properties" → Check free space
2. Check Log Directory:
- Navigate to C:\inetpub\logs\LogFiles\W3SVC[SITE_ID]
- Location: Check if log directory is full
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "Logging" → Configure log rotation
3. Check Temp Directories:
- Check C:\Windows\Temp and C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files
PowerShell Debugging:
# Disk space
gwmi Win32_LogicalDisk | select DeviceID,@{n="FreeGB";e={[math]::Round($_.FreeSpace/1GB,2)}},@{n="SizeGB";e={[math]::Round($_.Size/1GB,2)}}
# Log directory size
gci "C:\inetpub\logs\LogFiles\W3SVC*" -Recurse | measure -Property Length -Sum | select @{n="SizeMB";e={[math]::Round($_.Sum/1MB,2)}}
# Temp ASP.NET files
gci "C:\Windows\Microsoft.NET\Framework*\v*\Temporary ASP.NET Files" -Recurse -ea 0 | measure -Property Length -Sum
---
Common Causes: HTTPS required but HTTP used, WebSocket upgrade required
GUI Troubleshooting:
1. Check SSL Settings:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "SSL Settings"
- Location: "Require SSL" checkbox
- Check if "Require" is enabled but client used HTTP
PowerShell Debugging:
# SSL requirements
(gwc "system.webserver/security/access" "IIS:\Sites\[SITE]").sslFlags
---
Common Causes: Content blocked due to legal requirements, geo-blocking
GUI Troubleshooting:
1. Check IP Restrictions:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "IP Address and Domain Restrictions"
- Location: Check for country/region blocks
2. Check URL Rewrite Rules:
- IIS Manager → Sites → [YOUR_SITE_NAME] → Double-click "URL Rewrite"
- Location: Look for rules that block based on geo-location
PowerShell Debugging:
# IP restrictions
gwc "system.webserver/security/ipSecurity" "IIS:\Sites\[SITE]"
# URL rewrite rules
gwc "system.webserver/rewrite/rules" "IIS:\Sites\[SITE]" -ea 0
---
#### Failed Request Tracing
1. Enable: IIS Manager → Sites → [YOUR_SITE_NAME] → "Actions" panel → "Failed Request Tracing"
2. Configure Rules: Click "Add" → Select content type → Set status codes → Set trace providers
3. View Logs: Navigate to C:\inetpub\logs\FailedReqLogFiles\W3SVC[SITE_ID]
#### Worker Processes Monitor
1. Access: IIS Manager → Server level → Double-click "Worker Processes"
2. View Requests: Double-click active w3wp.exe process
3. Location: Shows currently executing requests with URL, time elapsed, client IP
---
ipmo WebAdministration,IISAdministration
# Services
gsv W3SVC,WAS
# Sites
Get-IISSite | select Name,ID,State,@{n="Path";e={$_.Applications[0].VirtualDirectories[0].PhysicalPath}}
# App pools
Get-IISAppPool | select Name,State,ProcessModel
# Bindings
Get-IISSiteBinding | select SiteName,Protocol,BindingInformation
# Which pool for site
(Get-IISSite [SITE]).Applications.ApplicationPoolName
# Latest IIS log (last 50 lines)
$log = gci "C:\inetpub\logs\LogFiles\W3SVC[ID]" -Filter "*.log" | sort LastWriteTime -Desc | select -First 1
gc $log.FullName | select -Last 50
# Errors only
gc "C:\inetpub\logs\LogFiles\W3SVC[ID]\*.log" | ?{$_ -like "*50[0-9]*"} | select -Last 20
# App errors
gel Application -EntryType Error -Newest 10 | ?{$_.Source -like "*IIS*" -or $_.Source -like "*ASP.NET*"}
# Worker process stats
gwmi Win32_Process -Filter "Name='w3wp.exe'" | select ProcessId,@{n="MemMB";e={[math]::Round($_.WS/1MB,2)}},CommandLine
# Key counters
$ctrs = "\Web Service(_Total)\Current Connections","\Web Service(_Total)\Requests/Sec","\Process(w3wp)\% Processor Time"
gc $ctrs -SampleInterval 2 -MaxSamples 3
# Backup
Backup-WebConfiguration "Backup_$(Get-Date -f 'yyyyMMdd_HHmm')"
# List backups
gwc "system.applicationHost/configHistory" | select path,created