2017-02-07
先說明一下,Windows 版本、IIS版本、Elmah版本、Visual Studio版本、.NET Framework 版本差異可能會影響設定方法和成功與否,之前找的某些文章就發生無法成功的事情,這篇是自己測試成功後寫下的。
ELMAH => Error Logging Modules and Handlers
環境:Windows Server 2016 + IIS Web Server
工具:Visual Studio 2015 with Update 3
續這篇
[研究][C#][ASP.NET] ELMAH 簡易試用 (Win 2016 + IIS + WebForm)
http://shaurong.blogspot.com/2017/02/caspnet-elmah-win-2016-iis-webform.html
(下圖) 前面提過 Elmah 預設遠端會看到 403 - 禁止:拒絕存取
解決方法一:全面開放遠端檢視 Elmah
在 web.config 找到 <elmah> 下的這一段
<elmah> <!-- See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for more information on remote access and securing ELMAH. --> <security allowRemoteAccess="false" /> </elmah> |
修改 <security allowRemoteAccess 的值為 true,遠端就可以看到了
<elmah> <!-- See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for more information on remote access and securing ELMAH. --> <security allowRemoteAccess="true" /> </elmah> |
這種方法的優點是修改簡單,缺點是大家都可以看到 Elmah 內容。
********************************************************************************
解決方法二:限制來源 IP 檢視 Elmah
有幾件事情要做
若為 IIS 7、8、10編輯 C:\Windows\System32\inetsrv\config\applicationHost.config
IISExpress: "%USERPROFILE%\Documents\IISExpress\config\applicationhost.config"
找到 <sectionGroup name="system.webServer"> 底下
改為
有幾件事情要做
- web.config 設定 <security allowRemoteAccess="true" /> (剛剛做過)
- IIS 安裝 "IP及網域限制"
- 修改applicationHost.config
若為 IIS 7、8、10編輯 C:\Windows\System32\inetsrv\config\applicationHost.config
IISExpress: "%USERPROFILE%\Documents\IISExpress\config\applicationhost.config"
找到 <sectionGroup name="system.webServer"> 底下
<section name="ipSecurity" overrideModeDefault="Deny" /> |
<section name="ipSecurity" overrideModeDefault="Allow" /> |
PS:<sectionGroup name="system.ftpServer">底下也有一個 ipSecurity 設定,別改錯了
- web.config 增加 ipSecurity 部分
<security> <ipSecurity allowUnlisted="false"> <add ipAddress="127.0.0.1" subnetMask="8" allowed="true" /> <add ipAddress="192.168.0.0" subnetMask="16" allowed="true" /> <add ipAddress="10.3.0.0" subnetMask="8" allowed="true" /> </ipSecurity> </security> |
PS:<sectionGroup name="system.ftpServer">底下也有一個 ipSecurity 設定,別改錯了
修改 web.config
<?xml version="1.0" encoding="utf-8"?> <!-- 如需如何設定 ASP.NET 應用程式的詳細資訊,請造訪 http://go.microsoft.com/fwlink/?LinkId=169433 --> <configuration> <configSections> <sectionGroup name="elmah"> <section name="security" requirePermission="false" type="Elmah.SecuritySectionHandler, Elmah" /> <section name="errorLog" requirePermission="false" type="Elmah.ErrorLogSectionHandler, Elmah" /> <section name="errorMail" requirePermission="false" type="Elmah.ErrorMailSectionHandler, Elmah" /> <section name="errorFilter" requirePermission="false" type="Elmah.ErrorFilterSectionHandler, Elmah" /> </sectionGroup> </configSections> <system.web> <compilation debug="true" targetFramework="4.6.2" /> <httpRuntime targetFramework="4.6.2" /> <httpModules> <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" /> <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" /> <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" /> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.CSharpCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:6 /nowarn:1659;1699;1701" /> <compiler language="vb;vbs;visualbasic;vbscript" extension=".vb" type="Microsoft.CodeDom.Providers.DotNetCompilerPlatform.VBCodeProvider, Microsoft.CodeDom.Providers.DotNetCompilerPlatform, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" warningLevel="4" compilerOptions="/langversion:14 /nowarn:41008 /define:_MYTYPE=\"Web\" /optionInfer+" /> </compilers> </system.codedom> <system.webServer> <validation validateIntegratedModeConfiguration="false" /> <modules> <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" preCondition="managedHandler" /> <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" preCondition="managedHandler" /> <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" preCondition="managedHandler" /> </modules> </system.webServer> <elmah> <!-- See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for more information on remote access and securing ELMAH. --> <security allowRemoteAccess="true" /> </elmah> <location path="elmah.axd" inheritInChildApplications="false"> <system.web> <httpHandlers> <add verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" /> </httpHandlers> <!-- See http://code.google.com/p/elmah/wiki/SecuringErrorLogPages for more information on using ASP.NET authorization securing ELMAH. <authorization> <allow roles="admin" /> <deny users="*" /> </authorization> --> </system.web> <system.webServer> <handlers> <add name="ELMAH" verb="POST,GET,HEAD" path="elmah.axd" type="Elmah.ErrorLogPageFactory, Elmah" preCondition="integratedMode" /> </handlers> <security> <ipSecurity allowUnlisted="false"> <add ipAddress="127.0.0.1" subnetMask="8" allowed="true" /> <add ipAddress="192.168.0.0" subnetMask="16" allowed="true" /> <add ipAddress="10.3.0.0" subnetMask="8" allowed="true" /> </ipSecurity> </security> </system.webServer> </location> </configuration> |
**********
(下圖)
若 applicationHost.config 沒有允許 ipSecurity被覆寫,卻在 Web.config增加 ipSecurity 部分,會出現錯誤
500 - 內部伺服器錯誤
**********
(下圖) 若 applicationHost.config 允許 ipSecurity被覆寫,在 Web.config 沒有允許該來源 IP,該 IP 連上會看到錯誤 (就算來源是本機也會看不到 )
403 錯誤
403 錯誤
(完)
相關
[研究][C#][ASP.NET] ELMAH 簡易試用 (Win 2016 + IIS + WebForm)
http://shaurong.blogspot.com/2017/02/caspnet-elmah-win-2016-iis-webform.html
[研究][C#][ASP.NET] ELMAH 簡易試用-遠端檢視 (Win 2016)
http://shaurong.blogspot.com/2017/02/caspnet-elmah-win-2016.html
[研究][C#] ELMAH - ASP.NET錯誤記錄模組 (Error Logging Modules and Handlers)(NuGet安裝)
http://shaurong.blogspot.com/2016/04/c-elmah-aspnet-error-logging-modules.html
相關
[研究][C#][ASP.NET] ELMAH 簡易試用 (Win 2016 + IIS + WebForm)
http://shaurong.blogspot.com/2017/02/caspnet-elmah-win-2016-iis-webform.html
[研究][C#][ASP.NET] ELMAH 簡易試用-遠端檢視 (Win 2016)
http://shaurong.blogspot.com/2017/02/caspnet-elmah-win-2016.html
[研究][C#] ELMAH - ASP.NET錯誤記錄模組 (Error Logging Modules and Handlers)(NuGet安裝)
http://shaurong.blogspot.com/2016/04/c-elmah-aspnet-error-logging-modules.html
沒有留言:
張貼留言