IIS 7.5 - 403 Forbidden

Ok, I have scoured online resources and applied all the suggested solutions.

I am setting up a simple website on Windows Server 2008 R2 under IIS 7.5 using the "ASP.NET v4.0" pool. I am setting this up as an application under Default Web Site with a different root. I keep getting the 403 Forbidden error.

I have:

1. Installed asp.net using aspnet_regiis.exe -i (many times)
2. Made sure my root directory (physical path) has permissions for
"IIS_IUSR" and "IUSR" users.
3. Made sure "Anonymous Authentication" is enabled and set to "Application Pool Identity"
4. I have restarted IIS numerous times
5. I have checked and double-checked every other configuration.

What's strange is that I have another application under Default Web Site and it works just fine.

Any suggestions will help. This shouldn't be so hard unless I am missing something obvious.

Grant permission to the `Network Service` user in the NTFS folder

Also check the .Net authorization rules:

![enter image description here][1]


![enter image description here][2]


[1]:

[2]:

Ok, I am quite embarrassed but the over sight was that "Require SSL" was checked by default and that is the place I did not check. I guess it is because an SSL is bound to the Default Web Site. Removing that check made it work.

Hopefully this will help someone else.

Haha you think that is embarrasing! This is probably the 1000th webserver I've installed... 30mins of 403s!! I can't figure it out. There is a stub default.asp in there.. permissions all correct... everything!

I turned on "directory" browsing in desparation of flicking around.

default.asp.txt is sitting there..... DOH.

Need to turn OFF "known file types"... why is that setting like that anyway?

For me the answer was in handler mappings section of IIS 7.5

Adding the following to web.config enabled all the aspx pages to work correctly

<configuration>
...
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<handlers accessPolicy="Read, Script" />
...
</system.webServer>
</configuration>

Check that IP address restrictions are not blocking the request. Can check this in the logs.

(This was my embarrassing reason!)

Another possible issue which leads to a 403 error:

The `Global.asax` file is missing.

Mine was even more embarrassing.

Right Click on folder,`Remove READ only attribute`.

For me, there was a vestigial `Web.config` in `C:\inetpub\wwwroot` with rewrite rules. Deleting it solved the problem.

I was facing issue on windows 7 and surprisingly it was fixed after installing service pack 1