Freigeben über


HOWTO: Allow file downloads (including .exe) on IIS 6.0

Variations of this question are asked of IIS 6 all the time. However, the answer is no different than for any other version of IIS other than the fact that IIS 6 gives you a distinct error code to troubleshoot. What is not clear to me is why users think that the newly introduced Web Service Extension concept has something to do with this misconfiguration... I hope someone can give me some rationale.

Question:

Hello,

What is the correct method to allow .exe files to be downloaded or run from a web site on an IIS 6.0 server?

I am currently receiving a 404.2 error message in my browser when I try to open/download the executable files, and I am not sure which Web Service Extensions configuration changes must be made to allow this.

Thanks in advance,

Answer:

Given the current phrasing of your question, there is no correct method. Downloading a .exe file is NOT the same as run from a website, as I will describe below. I'll give a short answer and then a more detailed answer.

Short Answer

Your error message indicates that you have "Scripts and Executables" enabled, so IIS is trying to execute the .exe file on the web server, and since the .exe is not allowed by any defined Web Service Extension, a 404.2 results. The corrective action depends on what you want to do.

  1. If you want to allow .exe files to be downloaded as-is to the browser, then you must NOT have "Scripts and Executables" as Execute Permissions.
  2. If you want to execute the .exe file on the server to generate a response that is sent to the browser (possibly interpreted as a download), then you MUST have "Scripts and Executables" as Execute Permissions, and you must enable a Web Service Extension for that .exe file.

Details

Whenever the user makes the browser request a resource like "https://server/myapp.exe", users usually want one of the following actions to happen:

  1. Return the file contents of myapp.exe as-is to the browser (aka file download)
  2. Execute myapp.exe on the web server to generate a dynamic response (aka execute CGI script)

Now, the web server controls which action should happen, and on IIS, this is controlled by the "Execute Permissions" property of the virtual directory containing the .exe file. If the permission is set to "Scripts and Executables", then IIS will do action #2. Otherwise, it will do action #1.

Prior to IIS 6.0, there were no further security checks against either action. On IIS 6.0, there is one additional security check, depending on the action:

  1. For action #1, the file resource's extension (.exe in this case) must have a defined MIME Type or else a 404.3 occurs. .exe has a MIME Type of  application/octet-stream by default, so file download should just work.
  2. For action #2, there must be an enabled Web Service Extension for the full path to the .exe resource to allow IIS to execute it to generate a HTTP response or else a 404.2 occurs. For securety reasons, IIS 6 does not allow any resource to execute by default unless otherwise configured/allowed in Web Service Extension.

//David

Comments

  • Anonymous
    July 21, 2005
    Thanks this really helped resolve my problem.

  • Anonymous
    July 22, 2005
    You're welcome! This is a pretty common confusion amongst users, and I really hope this clears things up.

    //David

  • Anonymous
    August 21, 2005
    Your advise helped another confused IIS user who has been searching the answer on the web for weeks. THANKS!

  • Anonymous
    August 24, 2005
    Awesome response and thank you, I have been trying for two weeks to figure out what I changed on the server to make it try and run the program on the server, but was just over looking this.

  • Anonymous
    September 03, 2005
    Barbie - I am not certain what more info you are looking for.

    //David

  • Anonymous
    October 04, 2005
    The comment has been removed

  • Anonymous
    October 04, 2005
    The comment has been removed

  • Anonymous
    October 05, 2005
    The comment has been removed

  • Anonymous
    October 06, 2005
    How can I enable Web Service Extension for that .exe file?

  • Anonymous
    December 21, 2005
    Thanks... that solved a client's problem very quickly!

  • Anonymous
    March 02, 2006
    The comment has been removed

  • Anonymous
    March 02, 2006
    The comment has been removed

  • Anonymous
    March 19, 2006
    Very nice article, David, but didn't help me with one particular problem.
    I have .rdp files on an IIS6 server so users can open them directly, and thereby go to their rdp session (which might be ipaddress:3390 etc)
    They give the file not found error, but I can't see any mappings to them and exe's can download OK. Any ideas?

  • Anonymous
    March 19, 2006
    Yusuf - This blog entry describes what is going on and how to troubleshoot it. Please re-read the "Details" section.

    You most likely need to add a MIME Type for .rdp so that it is allowed for download. The reason you didn't do this for .exe is because there is already a defined MIME Type for .exe by default.

    //David

  • Anonymous
    March 20, 2006
    please tell me how to run *.exe file in server (and not download it). I am trying to figure out how to script for an application in c with *.exe (400kb) to run in a server upon query from a browser.

  • Anonymous
    April 01, 2006
    All your info is great for putting people on the right track, but you failed to mention a couple things. These two things are IIS Lockdown 2.1 and URLScan.dll.  Two nifty tools, yes.  But the URLScan will prevent .exe download, by its default config.  

    This little annoyance caused me about 30 mins of config tweaking trying to determine why my .exe's would serve.  So, be adviced, look in your urlscan.ini for config options.  

    Thx.

  • Anonymous
    April 01, 2006
    keith - Thanks for the additions.

    I just wanted to respond to your statement that I "failed to mention a couple of things".

    Please note that I intentionally disregarded IIS Lockdown 2.1 and URLScan in this blog entry because:
    1. Neither are installed by default on IIS6. Use on IIS6 is on a case-by-case basis.
    http://www.microsoft.com/technet/security/tools/urlscan.mspx
    2. Arbitrary ISAPI DLL can cause arbitrary behavior on IIS (like failure to allow EXE file downloads) for arbitrary reason. I cannot possibly write a prescriptive blog entry about an unknown arbitrary reason and how to resolve it.
    3. I want to explain the IIS6 specific behavior concerning allowing EXE file downloads, which is applicable on all IIS6 servers.
    4. URLScan rejections are not 404.2, which is in the original question.

    In other words, if the blog entry is about "ways to resolve arbitrary unexpected 404s", then yes, I should certainly mention the valid statement that "arbitrary ISAPI Extension or ISAPI Filter, such as URLScan, can alter server behavior to result in unexpected 404s."

    Now, I actually wrote this blog entry to describe a common user misunderstanding of:
    1. Downloading EXE to browser  vs
    2. Executing EXE on server  vs
    3. Executing EXE on the client

    Users tend to think that some combination of the above actions should "magically" happen with the exact same configuration -- obviously not possible. I wanted to point out how IIS views the requests and the configuration that allows IIS to distinguish between #1 and #2 (a key misunderstanding).

    //David

  • Anonymous
    April 12, 2006
    The comment has been removed

  • Anonymous
    April 12, 2006
    chall3ng3r - I am not certain what help you need.
    - ASP can use WScript.Shell to Run arbitrary executables on the server as the process identity.
    - ASP.Net can use System.Activator to also invoke WScript.Shell, or it can use System.Diagnostics.Process.Start() to run arbitrary executables as the process identity.

    So, the process identity needs write access to the directory to write the XML file

    You can alternatively figure out these details pragmatically using FileMon from sysinternals.com.

    //David

  • Anonymous
    April 25, 2006
    Possibly your .exe's can get blocked by URLScan

    Then your log would contain <Rejected-By-UrlScan>
    E.g.
    2006-04-26 01:32:39 10.254.48.61 - 10.108.117.202 80 GET /<Rejected-By-UrlScan> ~/dir/application.exe 404

    In such a case have URLScan.ini configured to allow .exe or whatever it is by following this article.
    http://support.microsoft.com/kb/326444/

    URLScan.ini location - %WINDIR%System32InetsrvURLscan
    Log files location - %SYSTEMROOT%System32LogFilesW3SVC#
    .log

  • Anonymous
    April 28, 2006
    I finally have enough blog entries about various portions of IIS6 request processing that I can stitch...

  • Anonymous
    April 29, 2006
    awesome, another 10K entry!

    //David

  • Anonymous
    May 23, 2006
    i had to allow .ace file download in iis6 (it was in parts, so each file had a different extension - i.e. .ace,.c01,.c02 ...). I had to do this by adding mime types in the properties of the virtual directory.
    I used application/octet-stream as the mime type for each extension (ace is just another format for zipping and i'm not sure if it is correct or not) and it started working.

  • Anonymous
    May 25, 2006
    Worked great!  Thanks!

  • Anonymous
    May 28, 2006
    Thanks!  You just saved me a lot of time and trouble!

  • Anonymous
    June 02, 2006
    The comment has been removed

  • Anonymous
    June 02, 2006
    I want to allow download myfile.zip from the Virtual Directory.
    But then trying to download I have error 404 .
    If I just change extension to myfile.txt, I may normal download it.
    How must I configure IIS to allow download zip file?

  • Anonymous
    June 14, 2006
    The comment has been removed

  • Anonymous
    June 15, 2006
    Thank you for this information.  I was able to fix my problem in minutes.  We recently switched to a new server running IIS 6 and suddenly SCR files were creating a file not found error rather than prompting users with the Run/Download option.  Once I added the SCR extension with the MIME Type of application/octet-stream the Run/Download option appeared.  Is there a site that lists all extensions with the appropriate associated MIME type if I identify additional extensions I need to add or is is save to just use "application/octet-stream" if I can not identify the specific MIME type?

  • Anonymous
    June 15, 2006
    The comment has been removed

  • Anonymous
    July 02, 2006
    Hi David, just want to ask how to set a .cer (X509 certificate) to be download. I've set the MIME type to application/x-x509-ca-cert, but the file show up in text.
    Thanks

  • Anonymous
    July 12, 2006
    David - you should be getting paid for this kind of advice!

  • Anonymous
    July 13, 2006
    Harry - hehe... you should tell my manager that. :-)

    //David

  • Anonymous
    July 15, 2006
    My Hat's off to you David.  Thanks for the great advice.  I too had the same trouble with .exe files and searched the net for a while before stumbling across this article.  Of course, after reading through the responses,  it seems more like you were being attacked instead of offering advice.  Shame on those so quick to prove others wrong!!
    My fix was to change the site to Scripts only.  This allowed me to achieve what I desired to have them be prompted for the download of the .exe file.

    Keep up the good work and Thanks again.  The info was greatly appreciated!!  :-)

  • Anonymous
    July 19, 2006
    The comment has been removed

  • Anonymous
    July 20, 2006
    MickeyDing - Yes, a * MIME-Type allows all files (extension *) to be transported as binary (application/octet-stream).

    Default IIS6 behavior is to only allow downloads of defined MIME Types, and adding a * MIME-Type defeats that security check.

    However, if your purpose is to have a download directory, then the security risk of * MIME-Type on that directory is necessary.

    In other words, every single piece of functionality you enable on the web has an associated security risk. The only thing you can do is decide whether the risk is necessary, and if so, how to minimize/mitigate the risk.

    //David

  • Anonymous
    July 25, 2006
    David -  I am trying to download our own custom extension over .Net application. I have added it to MIME type as application/octet-stream and also to Virtual Directory as new MIME type. But still for some reason it does not get downloaded. If I change the extension for the same file .tif it gets.

    Any ideas? As a test I even created a Test folder and tried to access the URL in Internet Explorer. For .tif extension it asks to open or save but for the custom extension it says page cannot be displayed.

    Thanks in advance!

  • Anonymous
    July 25, 2006
    Jay - The answer depends on the handler that sends the download.

    If the download of the custom extension is sent by your own application, then you are responsible for fixing the problem. MIME Type is only relevant when the IIS Static File Handler sends the resource.

    You should start by troubleshooting what status/substatus is recorded for the failing request. IE says "page cannot be displayed" for many reasons, not all related to MIME Type.

    In other words, setting the MIME Type does not ensure a file download. It only works if the file extension is handled by the IIS Static File Handler.

    I have other related blog entries along the sidebar of my Blog to explain how IIS handles requests, how to correctly troubleshoot IIS, etc. I suggest reading them all for more info.

    //David

  • Anonymous
    August 28, 2006
    David -
    I have run into a situation where I can not get IIS 6 to serve up files with a .log extension.

    I have a website that has a small data driven front end that lets you upload and view files stored in a share on a file server physically separate from the web server.  That share is mapped to via a virtual directory on the webroot.

    Every time a .log file is requested the website throws a 404 error.  So I tried adding .log to the list of mime types and no I am getting a 500 error.

    Any ideas?

  • Anonymous
    September 02, 2006
    Hey,
    Is there any way to define "All unknown extensions" in the MIME settings to be "application/octet stream" (downloadable, I think)? I would like any files not directly recognized by IIS to be considered downloadable, any ideas?

  • Anonymous
    September 13, 2006
    The comment has been removed

  • Anonymous
    September 13, 2006
    The comment has been removed

  • Anonymous
    September 14, 2006
    I'm sure the use of adding .ICA files to web servers to launch published applications from Presentation

  • Anonymous
    September 30, 2006
    The comment has been removed

  • Anonymous
    October 10, 2006
    Please help me!!! I have lot of files on the server(it has got IIS 6.0) with different extensions(like abc.x01, xyz.x02, ddd.c12...). I have set the MIME type to .* with application/octet-stream. When I open these files from the IE, it directly opens file on the browser but I would like to have the "File Download" option, so that I can save the file instead of opening it automatically. please help me..... Many thanks Sasi.

  • Anonymous
    October 11, 2006
    The comment has been removed

  • Anonymous
    April 19, 2007
    Thank you David! It really solved my problem.

  • Anonymous
    April 25, 2007
    The comment has been removed

  • Anonymous
    June 06, 2007
    Thanks this saved me a lot of time. It reminds me why I use Linux servers. I find them easier to admin.

  • Anonymous
    June 07, 2007
    LGR - I'm glad to be able to help. However, ease of administration is relative to one's skill set. Linux and Windows simply have different usage models. For example, I'm sure I find Linux as difficult to manage as you find Windows difficult to manage. But, I respect and leverage the advantages of each platform. //David

  • Anonymous
    July 14, 2007
    OK, but... don't work with .reg files. How to allow .reg files downloads on IIS 6.0

  • Anonymous
    July 16, 2007
    Thanks, this article helped alot.

  • Anonymous
    July 16, 2007
    David, I'm trying to get IIS 6.0 to serve up MP4 files without success. I've tried all of your suggestions so far in this list (re MIME Types etc) but it still just gives a 404 error page not found. Is there anything else that could be preventing MP4 files from being served? Regards, Rod

  • Anonymous
    July 20, 2007
    RodW - Please look in the IIS log file entry for the 404 response and if it is a:

  • 404 3 50, that is due to incorrect MIME Type configuration
  • 404 2 1260, that is due to misconfigured Application Mapping which does not have an enabled Web Service Extension
  • 404 0 2, that is a real "File not found".
  • Anything else, it has nothing to do with IIS and depends on arbitrary ISAPI software installed on your server //David
  • Anonymous
    July 30, 2007
    OK. I did this and the log says its 404 2 1260 Since MP4 files are normally played by Apple Quicktime does this mean that I have to set up a Web Service Extension for MP4 as I have done for other files (like PHP etc)? If so, which of the many Quicktime dlls do I need to specify the as the required file?

  • Anonymous
    August 06, 2007
    The comment has been removed

  • Anonymous
    August 19, 2007
    thanks, your explanation helped me figure out why web deployment of symantec was having problems. todd

  • Anonymous
    September 01, 2007
    Please help !!! Anyway we can limit the file being download by file size? For example, all file >1Mb cannot be downloaded through HTTP

  • Anonymous
    September 03, 2007
    For anyone with 404 problems, make sure that your .php string in your Website -> Configuration matches with that in your ISAPI filter (if any) and in your Web Service Extension configuration. This is the correct way to do it and far safer than just enabling all Unknown ISAPI configurations.

  • Anonymous
    September 16, 2007
    thanks, very clear explanation.

  • Anonymous
    September 20, 2007
    Thanks a lot David for these useful information. It really helped me a lot. Thanks a million again.

  • Anonymous
    September 21, 2007
    Help!! I'm using the System.Net.WebClient because I need to roll this into a DLL for VB6 programs to use. 'Download a file works great. (2 lines of code)        Dim wcClient As WebClient = New System.Net.WebClient()        wcClient.DownloadFile("http://X/X/1.jpg", "C:1.jpg")     Upload throws a 404 0 Not Fnd. If no credential passed, throws 401 wcClient.Credentials = New NetworkCredential("UID", "PW") wcClient.UploadFile("http://X/X/1.jpg", "PUT", "C:1.jpg") Can't find answer. Localhost works fine. Must be permissions?? Created virtual dir and assigned all read/write permissions to receiving folder on server. Any ideas or suggestions would be greatly appreciated...

  • Anonymous
    October 07, 2007
    deseo obtener los beneficios del este servicio

  • Anonymous
    October 07, 2007
    deseo obtener los beneficios de este servicio downlaods

  • Anonymous
    October 07, 2007
    deseo obtener todos los beneficios del programa via downloads

  • Anonymous
    October 08, 2007
    Thanks for the solution. I 'll remember that because I spent half a day searching.

  • Anonymous
    October 18, 2007
    Thanks, this fixed my problem.

  • Anonymous
    October 24, 2007
    The comment has been removed

  • Anonymous
    October 30, 2007
    I correct the problem, thanks for fast reply Tom

  • Anonymous
    November 13, 2007
    The comment has been removed

  • Anonymous
    November 17, 2007
    The comment has been removed

  • Anonymous
    December 06, 2007
    The comment has been removed

  • Anonymous
    December 13, 2007
    hi to all, i have done one project in vb.net, i dont know how to generate exe file and setup file, please help me thanks alot

  • Anonymous
    January 29, 2008
    Great help, I was even able to use it for my problem on IIS ver 5.1 and getting my .exe file to generate a response (option #2).  Many thanks!!!!!!

  • Anonymous
    February 01, 2008
    Many thanks!  Couldn't figure out why we couldn't download .exe files.

  • Anonymous
    March 02, 2008
    Let me add my thanks as wellf or a concise (and very useful) answer! :D

  • Anonymous
    March 11, 2008
    Even with the shear numbers of replies to your blog, let me add my thank you as well. Your post is concise and to the point! It's unfortunate vendor product documentation can't be like this.

  • Anonymous
    March 14, 2008
    G.S.Lyon - Welcome. Glad I could help and explain things quickly and concisely. //David

  • Anonymous
    April 10, 2008
    Thanks David, that "Scripts and Executables" had me too!

  • Anonymous
    April 11, 2008
    Awesome, that saved my day. Thanks David. That was really good!!

  • Anonymous
    May 19, 2008
    The comment has been removed

  • Anonymous
    May 21, 2008
    The comment has been removed

  • Anonymous
    May 22, 2008
    Hey..the view u mentioned are quiet good..but i m using verion IIS5.1...The mentioned thing is not working there...Kindly revert back

  • Anonymous
    June 04, 2008
    The comment has been removed

  • Anonymous
    June 04, 2008
    Doo4fun - It sounds like you configured every possible combination, all conflicting, so nothing works as it should. First, get rid of the configuration changes you made, such as adding the .exe MIME Type, .EXE Web Service Extension, and .EXE Application mapping. Your configuration is causing the misbehavior. Then, decide on what you want to do based on this blog entry, which describes how to properly configure all the options. Any other configuration is incorrect. //David

  • Anonymous
    June 05, 2008
    The comment has been removed

  • Anonymous
    June 07, 2008
    The comment has been removed

  • Anonymous
    July 28, 2008
    The comment has been removed

  • Anonymous
    August 01, 2008
    The comment has been removed

  • Anonymous
    August 02, 2008
    Ben - this sounds like a problem with your .exe files because they are not generating proper HTTP response to be interpreted as web content by browsers. Please run the .exe yourself and report the exact output produced by the .exe files, including output of every single byte that is sent, because HTTP cares around the exact bytes, not characters, being transferred. //David

  • Anonymous
    August 03, 2008
    Hi David -- Thanks for the response.  The initial "load" page is very simple.   Here is the output (the first character "C" is line 1, char 1): Content-Type: text/html; charset=ISO-8859-1 <html> <head><title>Company Title</title>  <style type='text/css'>  <!--  url(../css/23A7.css) -->  </style>  <script language=Javascript1.2>  <!--  function onFormSubmit() {    setTimeout ("document.forms['one'].uname.value=''", 5000); setTimeout ("document.forms['one'].pd.value=''", 5000);    var EncUname;    var HexEncUname;    var EncPd;    var HexEncPd;    var uName = document.forms['one'].uname.value;    var pd = document.forms['one'].pd.value;    var key = "";    EncUname = des( key, uName, 1, 0 );    HexEncUname = translate( EncUname, 'ascii' );    EncPd = des( key, pd, 1, 0 );    HexEncPd = translate( EncPd, 'ascii' );    document.forms['two'].hiddenuname.value = HexEncUname;    document.forms['two'].hiddenpd.value = HexEncPd;    var winString = 'width=' + winWidth + ',height=' + winHeight;    winString = winString + 'menubar=no,toolbar=no,scrollbars=yes,resizable=yes,left=5,top=5';    document.forms['two'].target = 'main';    window.open('', 'main', winString);    document.forms['two'].submit();    return false; }  function bodyLoad() {    document.one.uname.focus();  } --> </script> </head> <body onLoad='bodyLoad();'> <center><img src='../images/keysystems_logo.gif'></center> <br><br> <center><h3>Login</h3></center> <center> <FORM method='POST' name='one' onSubmit="return onFormSubmit();"> <table> <tr><td class='small-form'>Username:</td><td><INPUT TYPE='text' name='uname' class='small-form'></td></tr> <tr><td class='small-form'>Password:</td><td><INPUT TYPE='password' name='pd' class='small-form'></td></tr> <tr><td colspan='2'><INPUT TYPE='submit' value='Submit'></td></tr> </table> </FORM> </center> <FORM method='POST' name='two' action='main.exe'>   <INPUT TYPE='hidden' name='hiddenuname'>   <INPUT TYPE='hidden' name='hiddenpd'> </FORM> </body> </html>

  • Anonymous
    August 04, 2008
    Ben - What you provided is not proper HTML. Content-Type is a HTTP response header which should not show up as part of any HTML Markup, so that is a bug in the CGI. In order for the EXE to function properly to generate dynamic content that can be interpreted by a browser, it needs to output a proper HTTP response with HTML Markup as entity body. The following is what a proper-looking HTTP response should look like. It needs to be generated by the CGI EXE. HTTP/1.1 200 OK[CRLF] Connection: Close[CRLF] Content-Length: <byte count of HTML Markup as Entity Body>[CRLF] Content-Type:  text/html; charset=ISO-8859-1[CRLF] [CRLF] <html>... </html> Some of the most common problems with CGI are:

  1. not sending CRLF (hex 0D 0A) to terminate HTTP header lines as specified by HTTP 1.1 specification
  2. not sending Content-Length, which forces the client to use Connection closure as way to know when the request is done. Combined with HTTP/1.1 which defaults to Connection: Keep-Alive, it means that CGI's which rely on "default" values will just fail.
  3. not sending a Content-Type response header Based on what you provided, it looks like the CGI has several of these problems. If this CGI worked before, it was more because of a miracle than by-design. //David
  • Anonymous
    August 05, 2008
    David -- Appreciate your response.  I'm going to work with the vendor to see what can be done here.  Clearly, IIS6 is more strict about enforcing these rules than II5 or Apache 2.x, as the application seems to be running fine in those environments.   Thanks again, and I'll post some further results when I get them. Ben

  • Anonymous
    August 05, 2008
    Ben - both of those named servers allow very badly written applications to semi-function. It makes the server look stellar in terms of compatibility, but all it really does is propagate badly written and non-conformant applications. We all know the same mess on the Browsers, which had bugs that allowed badly written applications (or even browser-bug-specific applications) to propagate... until conformance to HTML standards kicked in with some Browsers to clean things up. It may hurt in the short run, but in the long run, having applications which conform to public HTTP and HTML specifications is a good, not bad, thing. //David

  • Anonymous
    August 06, 2008
    The comment has been removed

  • Anonymous
    August 06, 2008
    Just to (maybe) make the script output clearer: HTTP/1.1 200 OK[CRLF] Connection: Close[CRLF] Content-Length: 101[CRLF] Content-Type:  text/html; charset=ISO-8859-1[CRLF][CRLF] <html> <head> <title>Test Page</test> </head> <body> <h2>Testing...</h2> </body> </html>

  • Anonymous
    August 09, 2008
    Ben - IIS itself does not modify response output. However, you may have custom ISAPI that do modify response - I do not know your server's configuration. I do not count 101 bytes following the double [CRLF] (maybe some of the [CRLF] are eaten up by HTML, which does not preserve such whitespace by definition), which constitutes what the browser expects to download and display. Malformed HTTP response often results in unexpected (and different) behavior between browsers. //David

  • Anonymous
    September 11, 2008
    The comment has been removed

  • Anonymous
    October 30, 2008
    Hi David, I have been running into a problem. I have .sitx file which macintosh compressed file like .zip file. On our local environment we have IIS 5.1. Whenever I download .sitx file from my local environment it does good. It shows me 'File download' window. But on Production environment I have IIS 6.0, it is showing me 'File Not Found' error. Please suggest a solution to this. Thanks, Avinash

  • Anonymous
    October 31, 2008
    Avinash - the solution is actually mentioned in this blog entry. You want action #1 to happen, and the blog entry tells you how to do that. //David

  • Anonymous
    November 26, 2008
    Hello, I am facing problem in downloading .exe file from asp.net website which is hosted on IIS7 and Windows Server 2008. The following error comes when i am trying to download .exe file : HTTP Error 404.2 - Not Found The page you are requesting cannot be served because of the ISAPI and CGI Restriction list settings on the Web server. It is perfactly working in IIS6 and windows server 2003. Any help is appreciated. Thanks & Regards, Amit

  • Anonymous
    November 27, 2008
    Amit - please read this blog entry for the solution. If you configure IIS7 the same as IIS6, it will work perfectly as well. //David

  • Anonymous
    November 30, 2008
    Hello David, Thanks for your quick reply. I have tried to follow your steps but still i am not able to download .exe file from my webiste hosted on IIS7 and Windows Server 2008. For your reference, here i am listing some of my IIS settings. ISAPI and CGI Restrictions description = Active Server Pages   Restrictions = Allowed Path=c:windowssystem32inetsrvasp.dll description = ASP .NET v2.0.50727 Restrictions = Allowed Path=C:WindowsMicrosoft.NETFrameworkv2.0.50727aspnet_isapi.dll description = [No Description] Restrictions = Allowed Path=C:Perlbinperl.exe "%s" %s description = [No Description] Restrictions = Allowed Path=C:Perlbinperlis.dll description = [No Description] Restrictions = Allowed Path=C:PerlbinPerlEx30.dll Handler Mappings on Site Level name=CGI-exe  path=.exe stat=Enabled path type=File handler=CgiModule Access ->Read name=ISAPI-dll  path=*.dll stat=Enabled path type=File handler=IsapiModule Access ->Read If you get any idea from the above information then please suggest me what other settings should i do? Or if you want some more information about my iis settings then pls let me know. Any help is appreciated. Thanks & Regards, Amit

  • Anonymous
    December 29, 2008
    Hello David, I am able to download an .exe file from IIS 6.0, but the progress bar shows "Estimated time left : Not Known", while if I change the extension of the file (lets say .dmg), I get the right estimation. What might cause that? Thanks, Ofer

  • Anonymous
    January 02, 2009
    Ofer - something is configured on IIS to cause the .exe extension to be transferred via chunked encoding instead of content-length. Since chunked encoding means "keep downloading until the server tells the browser it is done", it is not possible for the browser to estimate number of bytes remaining and hence impossible to estimate time left. The default behavior on IIS for static files like .exe is content-length, which gives the same behavior as .dmg. Thus, something on the server is configured to transfer .exe as chunked encoding. An ISAPI Filter or Application Mapping for * or .exe can result in this behavior. Since this non-default behavior is due to user configuration, you will have to determine whether that configuration is necessary and if not, remove it. Then .exe will download with content-length as expected. //David

  • Anonymous
    January 02, 2009
    Amit - You need to remove the handler mappings you added at the site level for CGI-EXE and ISAPI-DLL. They are incorrect and cause your issue. FYI: This is what your handler mapping definition is actually saying. It tells IIS to launch any EXE as CGI on the server-side whenever the resource is accessed by a client for download. That is clearly not what you want - you want IIS to send the EXE as download whenever the resource is accessed by a client for download. Removing your misconfiguration and adding .EXE MimeType should allow the default IIS configuration to function as you expect. //David

  • Anonymous
    January 03, 2009
    Hello David, Thank you for your response. The chuncked encoding hint set me on the right path, and actually I found the solution on another post by you :)http://www.eggheadcafe.com/software/aspnet/31045970/compression-and-disablin.aspx The exe extension was set to be compressed. Thank you again, Ofer

  • Anonymous
    January 08, 2009
    The comment has been removed

  • Anonymous
    January 13, 2009
    Defining MIME types in IIS helped me a lot. The issue was that some of the files were downloading (common extensions like "zip", "doc"), other files with unknown extensions - were not. Thank you very much ! This article was a great help !

  • Anonymous
    January 13, 2009
    st.silvia - Glad you resolved your issue. Honestly, I am glad that IIS6 forces the issue of making you define MIME types in IIS or else it refuses to send them as download... because that is the way things should be. Why? Because web administrators were lazy at defining MIME types, web browsers had to get incredibly smart at sniffing content to determine content-type so that it knows how to handle downloaded content. This has good and bad implications. For example, sending a file to be downloaded, or opened/executed looks EXACTLY the same to the server but are obviously very different user experiences in the web browser. Without the server providing MIME types, the web browser has to guess one way or another -- and web page developers start writing code to fool how each browser sniffs content in order to force the behavior that they wanted -- which is clearly not standards compliant nor solid code. If web servers forced the administrator to declare MIME Types from the beginning, web browsers would not need to sniff content, web developers would not need to write browser-specific code to defeat sniffing to achieve their desired client-side behavior, and things would be a lot cleaner today. //David

  • Anonymous
    January 23, 2009
    Unfortunately this did not answer my question. For some strange reason, EXE files don't completely download anymore. They stop at 98%

  • Anonymous
    January 29, 2009
    Webwinkel freak - This blog entry deals with allowing the EXE to download. If it fails at 98%, your question is completely unrelated to this. If you have a reliable repro, I suggest using a network monitor to capture the entire network traffic of the download. Then, you can see whether the problem is due to:

  1. The Server prematurely closing the connection before download is complete
  2. Any mismatch between the number of bytes the server promised to send in the header vs actually sent
  3. Any other network anomaly Once you can determine if the problem is on the network or on the server/client, then you can proceed further. For example, if you determine the issue is on the server, you will need to examine what handler sent the .EXE download. By default it is the IIS Static File Handler, which doesn't have such issues, so I suspect your system has other custom handlers performing the download -- which means you have to start looking for bugs in those custom handlers. //David
  • Anonymous
    February 05, 2009
    Thanks David, I found this article helpful in enabling download of dxb files.  Worked like a charm!

  • Anonymous
    February 11, 2009
    Hi David, You are a great help. My customer has tried many things to allow exe to download to browser. The product is an application run from a web server. I'm not to up on the networking stuff but I have it running from our web server (third party)....no problems. What happens is you click on a link on a web page, a couple downloads happen (one of which is the exe) and then the application runs.....fetching content (resources) from the server as needed. The site is getting a 404 error (just 404)....Object not found....although the file is there. The site is using IIS5.0. Please help.

  • Anonymous
    February 18, 2009
    Dirk - I suggest you read the threads of this post to find clues to answer your question. It is why I allow unlimited anonymous comments -- to gather collective community knowledge and experience. I suspect you will find searching for "URLScan" useful. //David

  • Anonymous
    March 16, 2009
    Thanks David.  This solved my problem and I learned something.

  • Anonymous
    March 27, 2009
    The comment has been removed

  • Anonymous
    March 29, 2009
    The comment has been removed

  • Anonymous
    March 30, 2009
    Thanks for your reply.  Unfortunately, I don't see the CGI/ISAPI feature on the Features screen.  This is why I am confused.  Does this feature need to be invoked some how?

  • Anonymous
    March 30, 2009
    Thanks for you reply.  I don't see the CGI/ISAPI feature anywhere on the feature screen.  Does this need to be invoked some how?

  • Anonymous
    March 31, 2009
    I found exactly what I need from this article.  It makes so much sense.  My CGI script is working perfectly!  I hope this helps others: http://www.wrensoft.com/zoom/support/faq_cgi_iis.html

  • Anonymous
    April 01, 2009
    teenzbutler - did you install the CGI Feature to be able to run that .exe? It is not installed on IIS7 by default. //David

  • Anonymous
    May 10, 2009
    Hi, How can I enable download of a "*.rar" file. When I try to access the file via browser, I get the following error: "You are not authorized to view this page You do not have permission to view this directory or page due to the access control list (ACL) that is configured for this resource on the Web server."

  • Anonymous
    May 26, 2009
    David, Thanks for the article. It worked for me.

  • Anonymous
    June 03, 2009
    Thank you very much!!! Really helpful information.

  • Anonymous
    July 14, 2009
    How can i download files with filename in japanese characters (収益認識.txt). i am getting a 404 error.working fine for english file names.

  • Anonymous
    September 09, 2009
    Hi David I had gone through the article and registered MIME types, still i am facing the issues. Issue: I am trying to download doc,docx,ppt and pptx from my .net website, hosted on Windows 2003 and IIS 6.0. It is saying "Unknown file type" for ppt and pptx, "wordpad document" for doc and "Compressed(zip folder)" for docx. Please let me know Am i missed out any configuration or Is there any other fix for this. Just for your information, I have registered the MIME types at IIS level not at default site or at my site. Thank you in advance for your help

  • Anonymous
    January 18, 2010
    The comment has been removed

  • Anonymous
    February 10, 2010
    Great post, simple but effective. Thanks

  • Anonymous
    March 01, 2010
    The comment has been removed

  • Anonymous
    March 24, 2010
    The comment has been removed

  • Anonymous
    May 12, 2010
    I also had this issue and adding the new MIME Type to IIS fixed it. Mine was actually for ".qwc" files and I was able to set their MIME type as the generic "application/octet-stream" in order to be able to download them.

  • Anonymous
    January 20, 2012
    The comment has been removed

  • Anonymous
    March 03, 2014
    The comment has been removed

  • Anonymous
    March 03, 2014
    The comment has been removed