Vulnerability in EPiServer.Forms
We tried to install a new 5.1 SP2 site on a win 2003 server.
After the wizard finished, it tried to load the admin/setup.aspx page, but that would not display.
Checking the site in IIS manager, we found that not even static html pages would load. However, it was accessible if we created a new web site (on a different port) poining to the same directory.
Accessing the setup.aspx page via that new site, we got as far as to an epi-log in page. The log in worked, but thenwe got redireected to the admin directory which displayed a 404...
The server is already running a 4.62B, which we are trying to migrate.
It is also a domain controller, if that makes any difference.
Make sure that you have the wildcard mapping set in IIS. If you install using EPiServer Manager, the Manager will do it for you. Here is how to set that up manually:
1. Select your site, and click properties. 2. Switch to the "Home Directory" tab 3. Click "Configuration..." 4. In the "Application Configuration" dialog, click "Add ..." 5. Specify the path to the ASP.NET 2.0 ISAPI (you can get it from any of the other ASP.NET mappings), and the extension ( .*) you want to map to ASP.NET.
We found the error.
EPiServer Manager hade configured the new web site to use both port 80 and the port we specified, leading to a conflict with the default web site. Removing port 80 under "advanced" in iis manager solved the problem.