Troubleshooting SharePoint "HTTP 500" Errors and IIS Failed Request Tracing

I had a client call me the other day as he was having an issue with a couple of his SharePoint 2010 sites that seemed strange, the sites just stopped working.  When anyone tried to access the sites, they would get HTTP 500 errors.  I was able to resolve this issue for the client so I thought I should share some of my troubleshooting tips.

As SharePoint admins, we get sucked into IIS and SQL Server, it's just the nature of the beast.  Save yourself therapy and hours crying yourself to sleep and just accept it.  Today we’re going to look at a few different steps as we troubleshoot issues with issues when the SharePoint sites don’t come up, specifically in IIS.

First, what is the HTTP 500?

The page could not be displayed.
The important piece of this page is the status code on the top right – "HTTP 500".  That’s the status code.  You can find more on general status codes in this Microsoft KB article.  It’s a fairly generic error code.  How do we know what’s broke?  There are many causes for this error, so I just try to give you a basic checklist of things to check that should point you in the right direction.

Troubleshooting Steps

Here are a few steps that I like to do when SharePoint appear to be down:

1. If the SharePoint sites don’t come up for you, first try another client machine to make sure it’s not just you.  These are unlikely to be client-side, but let’s rule that out anyway.  OK, so neither you nor your users can get to SharePoint, awesome.

2. The next step in my mind is to get on the SharePoint server and let’s rule out DNS or networking issues.  Pull up the SharePoint sites via their URL on the server desktop.  If this works, then go to your IT admins as Domain Name System (DNS) or there’s something with the network.  I had one issue one time where IT had switched the subnets around, and only users on a remote subnet couldn’t access SharePoint.  It happens.  If it still doesn’t come up, it’s definitely something server-side and it’s time to dig deeper.

3. From the SharePoint server, try to pull up the Central Administration site.  This should usually come up with this error.  If this doesn’t come up, we would likely be facing like a database access error or something.  But it’s good to rule out.  Assuming it comes up, go check the AAM (alternate access mappings) and make sure nothing changed.

4. From here you could do a couple things.  But since one web application works and one doesn’t, there’s only a few things that allow some sites to work and others not.  Let’s go check the IIS application pools.  Open up IIS Manager, expand the server node and click Application Pools.  Make sure the application pool that hosts your non-working SharePoint site is started (note – it’s normal for the SharePoint web services root to be stopped).  Sometimes this can happen after a server reboot.  You could also do an iisreset or even a full reboot here, but it is unlikely to resolve it.

Besides being stopped, it could be started or continuously stop.  Causes could be authentication related.  Check the IIS event logs (Event Viewer), and the SharePoint ULS logs and see if they point you in a direction.

5. While in your IIS, go to the site(s) in question and check their bindings.  Are the correct hostname bound to the site?  This just makes sure that IIS is listening on the right host.

6. So at this point, we’ve checked all the normal things and the problem seems to point with the site itself.  What does this leave?  Things like the web.config, applicationHost.config, etc.

7. Go to c:\inetpub\wwwroot\wss\VirtualDirectories\<sitename>.  Look at the web.config file.  Does it have a recent modified date?  In my case, it did.  OK, so we’re highly suspect of the web.config, how do we know what?

Let’s go back to IIS and let’s enable Failed Request Tracing.

In IIS, click on the down site in the left pane under the Sites heading.  We have to enable Failed Request Tracing.  Do this via the right panel, under the Configure heading, click Failed Request Tracing.  Click the Enable checkbox, and notice the path of the logfile.

Now that FRT is enabled, we have to tell it what to capture.  In the middle pane, under the IIS group, click the icon called Failed Request Tracing.  On the right under Actions, click Add.

In the wizard, leave All Content select and choose Next.

For the status code, enter 500.  Click Next.

Leave all providers checked, and click Finish.

8. Now go try to access the site, and get the 500 error.

9. That should have written what we needed to the log file.  Go to the path defined for the log earlier.  You will find two files, an XML file (the log with errors) and an XSLT that styles the XML for easy viewing.  Open the XML in a browser to see the error.

10. Review the error for details:

This will show you a specific error, and notice that the line number with the issue is listed as well.  Great!  Now we have something to work with.

11. In my case, in the web.config there was a Session state entry was duplicated.  This is normal, but there was a remove statement that prevented one of them from being loaded, which was commented out, in turn causing the duplicates to both load:

<!-- <remove name="Session" /> –>

I removed the comment out lines (highlight) and saved my web.config.  Success - the site came up!  Confetti fell from the rooftops, Champagne flowed from the heavens, and there were many celebratory handshakes.

So do you want to leave tracing enabled?  I don’t see the harm.  It is capped per the initial configuration, so it won’t fill up the C drive.  If you’re getting that many HTTP 500 errors, you likely have other issues.

I hope this gives you a few more tools in your bag of troubleshooting tricks when SharePoint won’t come up!

How to Set Up Site Bindings in Internet Information Services (IIS)

When IIS is first installed, a default website is already configured.  You can right-click on this site and choose Site Bindings to see the site bindings for the default website. If you haven’t made any changes to your default website, it should look similar to the image below.

There are three values that can be used in a site binding:  IP Address, Port and Host Name.  In the default website you see that the only values specified are the Port and IP Address.  The default site is bound to port 80 on any IP address that does not have another binding.  This gives you a “fallback” website for all requests that come to your server on port 80 and do not match any other site bindings.

IMPORTANT:  When setting up site bindings on your Dedicated or Cloud server, all site bindings must be unique.  The combination of IP address, port and host name must be different from all other site bindings on your server.

Below are some common situations and how you might set up your site bindings.

Example 1:  Web server with multiple IP addresses

In this situation we are going to assign a separate IP address for each website.

Company              Assigned IP Address       Port
———————————————————————-
Acme Products     192.168.1.200               80
Foobar Inc.           192.168.1.201               80

First we will set up the binding for the Acme Products website as shown below.

Any web request coming to 192.168.1.200 on port 80 will be served by this website.  It does not matter what host header is used.  It could be acmeproducts.com or www.acmeproducts .com or any other host that is configured in DNS to go to this IP address.

Similarly, we would assign the site bindings for Foobar Inc so that requests going to 192.168.1.201 on port 80 will go to their site.

Example 2:  Web server with one IP address using host name bindings

This situation is common at lost cost web hosting companies or in a situation where you run a server from your house or small business and only have one IP address to allocate to your web server.   Since we do not have enough IP addresses to assign to each site, we will use host headers to differentiate which website will serve requests.  In this case, the only IP address on the server is 192.168.1.200.

Acme products would like their site to respond to requests for acmeproducts.com and www.acmeproducts.com.  Since we have multiple sites on the server using the same IP address and port combination, we must use the host name to differentiate this site from the others.  We will set up two site bindings.  One for each host name that we want this site to respond to.

Foobar Inc would like their site to respond to foobarinc.com, www.foobarinc.com and blogs.foobarinc.com.  We will add three bindings to this site.

As you can see, both sites are using the same IP address and port.  The host name is the one thing that differentiates the two sites.  If we tried to add a binding for foobarinc.com to the Acme site, we will get a warning telling us that the same binding already exists.

If we allowed IIS to add this binding, we would have an issue the next time IIS started.  It would start the first website with this binding but the second site would not be started.

Example 3: Web server with one IP address using port number bindings

In this example we are going to use different port numbers to identity the site that should respond to a request.  Both sites will use the IP address 192.168.1.200.  Acme Products will be configured to use port 80 as shown below.

Foobar Inc will be configured to use port 8080.

There is one downside to configuring your sites this way.  Web browsers use port 80 by default.  In the case of our two websites, the Acme site will work fine but the Foobar website will not come up in a browser with a standard URL.  In order to get to the Foobar website, you will have to enter the URL like this:  http://www.foobarinc.com:8080.  The colon and port number must be added at the end of the URL for non-standard ports.

Service Unavailable "HTTP Error 503"

Today when we try to deploy webPart to SharePoint site, System display following error

“Service Unavailable  HTTP Error 503.  The service is unavailable”

When I research online come across that the error cause due to following reasons

1. Application Pools Identity account password may changed

2. The administrator has stopped the application pool

To Enable Service

1. Open up IIS Manager and

2. Go to Connection and Expand click on Application Pools

3. Select Application Pools and Start (if Services stopped)

If changed Identity account password

4. Locate your App Pool account and right-click on it and select ‘Advanced Settings’.

5. Click on the right of the Identity box to change it (A window will pop up).

6.  Click on Set and simply retype your App Pool Identity in there with the new password.

HTTP Error status code in IIS 7.0, IIS 7.5, and IIS 8.0

By default, IIS 7.0, IIS 7.5, and IIS 8.0 put log files in the following folder:

inetpub\logs\Logfiles

This folder contains separate directories for each World Wide Web website. By default, the log files are created in the directories daily, and the log files are named by using the date. For example, a log file may be named as follows:

exYYMMDD.log

The HTTP status codes

This section describes the HTTP status codes that IIS 7.0, IIS 7.5, and IIS 8.0 use.

Note This article does not list every possible HTTP status code as dictated in the HTTP specification. This article includes only the HTTP status codes that IIS 7.0, IIS 7.5, and IIS 8.0 can send. For example, a custom Internet Server API (ISAPI) filter or a custom HTTP module can set its own HTTP status code.

1xx - Informational

These HTTP status codes indicate a provisional response. The client computer receives one or more 1xx responses before the client computer receives a regular response.

IIS 7.0, IIS 7.5, and IIS 8.0 use the following informational HTTP status codes:

• 100 - Continue.
• 101 - Switching protocols.

2xx - Success

These HTTP status codes indicate that the server successfully accepted the request.

IIS 7.0, IIS 7.5, and IIS 8.0 use the following success HTTP status codes:

• 200 - OK. The client request has succeeded.
• 201 - Created.
• 202 - Accepted.
• 203 - Nonauthoritative information.
• 204 - No content.
• 205 - Reset content.
• 206 - Partial content.

3xx - Redirection

These HTTP status codes indicate that the client browser must take more action to fulfill the request. For example, the client browser may have to request a different page on the server. Or, the client browser may have to repeat the request by using a proxy server.

IIS 7.0, IIS 7.5, and IIS 8.0 use the following redirection HTTP status codes:

• 301 - Moved permanently.
• 302 - Object moved.
• 304 - Not modified.
• 307 - Temporary redirect.

4xx - Client error

These HTTP status codes indicate that an error occurred and that the client browser appears to be at fault. For example, the client browser may have requested a page that does not exist. Or, the client browser may not have provided valid authentication information.

IIS 7.0, IIS 7.5, and IIS 8.0 use the following client error HTTP status codes:

• 400 - Bad request. The request could not be understood by the server due to malformed syntax. The client should not repeat the request without modifications.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 400 error: 
  • 400.1 - Invalid Destination Header.
  • 400.2 - Invalid Depth Header.
  • 400.3 - Invalid If Header.
  • 400.4 - Invalid Overwrite Header.
  • 400.5 - Invalid Translate Header.
  • 400.6 - Invalid Request Body.
  • 400.7 - Invalid Content Length.
  • 400.8 - Invalid Timeout.
  • 400.9 - Invalid Lock Token.
• 401 - Access denied.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define several HTTP status codes that indicate a more specific cause of a 401 error. The following specific HTTP status codes are displayed in the client browser but are not displayed in the IIS log: 
  • 401.1 - Logon failed.
  • 401.2 - Logon failed due to server configuration.
  • 401.3 - Unauthorized due to ACL on resource.
  • 401.4 - Authorization failed by filter.
  • 401.5 - Authorization failed by ISAPI/CGI application.
• 403 - Forbidden.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 403 error: 
  • 403.1 - Execute access forbidden.
  • 403.2 - Read access forbidden.
  • 403.3 - Write access forbidden.
  • 403.4 - SSL required.
  • 403.5 - SSL 128 required.
  • 403.6 - IP address rejected.
  • 403.7 - Client certificate required.
  • 403.8 - Site access denied.
  • 403.9 - Forbidden: Too many clients are trying to connect to the web server.
  • 403.10 - Forbidden: web server is configured to deny Execute access.
  • 403.11 - Forbidden: Password has been changed.
  • 403.12 - Mapper denied access.
  • 403.13 - Client certificate revoked.
  • 403.14 - Directory listing denied.
  • 403.15 - Forbidden: Client access licenses have exceeded limits on the web server.
  • 403.16 - Client certificate is untrusted or invalid.
  • 403.17 - Client certificate has expired or is not yet valid.
  • 403.18 - Cannot execute requested URL in the current application pool.
  • 403.19 - Cannot execute CGI applications for the client in this application pool.
  • 403.20 - Forbidden: Passport logon failed.
  • 403.21 - Forbidden: Source access denied.
  • 403.22 - Forbidden: Infinite depth is denied.
  • 403.502 - Forbidden: Too many requests from the same client IP; Dynamic IP Restriction limit reached.
• 404 - Not found.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 404 error:
  • 404.0 - Not found.
  • 404.1 - Site Not Found.
  • 404.2 - ISAPI or CGI restriction.
  • 404.3 - MIME type restriction.
  • 404.4 - No handler configured.
  • 404.5 - Denied by request filtering configuration.
  • 404.6 - Verb denied.
  • 404.7 - File extension denied.
  • 404.8 - Hidden namespace.
  • 404.9 - File attribute hidden.
  • 404.10 - Request header too long.
  • 404.11 - Request contains double escape sequence.
  • 404.12 - Request contains high-bit characters.
  • 404.13 - Content length too large.
  • 404.14 - Request URL too long.
  • 404.15 - Query string too long.
  • 404.16 - DAV request sent to the static file handler.
  • 404.17 - Dynamic content mapped to the static file handler via a wildcard MIME mapping.
  • 404.18 - Querystring sequence denied.
  • 404.19 - Denied by filtering rule.
  • 404.20 - Too Many URL Segments
• 405 - Method Not Allowed.
• 406 - Client browser does not accept the MIME type of the requested page.
• 408 - Request timed out.
• 412 - Precondition failed.

5xx - Server error

These HTTP status codes indicate that the server cannot complete the request because the server encounters an error.

 IIS 7.0, IIS 7.5, and IIS 8.0 use the following server error HTTP status codes:

• 500 - Internal server error.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 500 error:
  • 500.0 - Module or ISAPI error occurred.
  • 500.11 - Application is shutting down on the web server.
  • 500.12 - Application is busy restarting on the web server.
  • 500.13 - Web server is too busy.
  • 500.15 - Direct requests for Global.asax are not allowed.
  • 500.19 - Configuration data is invalid.
  • 500.21 - Module not recognized.
  • 500.22 - An ASP.NET httpModules configuration does not apply in Managed Pipeline mode.
  • 500.23 - An ASP.NET httpHandlers configuration does not apply in Managed Pipeline mode.
  • 500.24 - An ASP.NET impersonation configuration does not apply in Managed Pipeline mode.
  • 500.50 - A rewrite error occurred during RQ_BEGIN_REQUEST notification handling. A configuration or inbound rule execution error occurred.
    Note Here is where the distributed rules configuration is read for both inbound and outbound rules.
  • 500.51 - A rewrite error occurred during GL_PRE_BEGIN_REQUEST notification handling. A global configuration or global rule execution error occurred.
    Note Here is where the global rules configuration is read.
  • 500.52 - A rewrite error occurred during RQ_SEND_RESPONSE notification handling. An outbound rule execution occurred.
  • 500.53 - A rewrite error occurred during RQ_RELEASE_REQUEST_STATE notification handling. An outbound rule execution error occurred. The rule is configured to be executed before the output user cache gets updated.
  • 500.100 - Internal ASP error.
• 501 - Header values specify a configuration that is not implemented.
• 502 - Web server received an invalid response while acting as a gateway or proxy.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 502 error:
  • 502.1 - CGI application timeout.
  • 502.2 - Bad gateway: Premature Exit.
  • 502.3 - Bad Gateway: Forwarder Connection Error (ARR).
  • 502.4 - Bad Gateway: No Server (ARR).
• 503 - Service unavailable.
  
  IIS 7.0, IIS 7.5, and IIS 8.0 define the following HTTP status codes that indicate a more specific cause of a 503 error:
  • 503.0 - Application pool unavailable.
  • 503.2 - Concurrent request limit exceeded.
  • 503.3 - ASP.NET queue full

Common HTTP status codes and the causes

The following table describes the causes of some common HTTP status codes.

Code	Description	Notes
200	OK	IIS 7.0, IIS 7.5, and IIS 8.0 successfully processed the request.
304	Not modified	The client browser requests a document that is already in the cache, and the document has not been modified since the document was cached. The client browser uses the cached copy of the document instead of downloading the document from the server.
400	Bad request	The Http.sys file blocks IIS 7.0, IIS 7.5, and IIS 8.0 from processing the request because of a problem in the request. Typically, this HTTP status code means that the request contains characters or sequences that are not valid or that the request contradicts the security settings in the Http.sys file.
401.1	Logon failed	The logon attempt is unsuccessful probably because of a user name or a password that is not valid. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942044 Error message when you try to run a web application that is hosted on IIS 7.0: "HTTP Error 401.1 - Not Found"
401.2	Logon failed due to server configuration	This HTTP status code indicates a problem in the authentication configuration settings on the server. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942043 Error message when you try to visit a webpage that is hosted on IIS 7.0: "HTTP Error 401.2 - Unauthorized"
401.3	Unauthorized due to ACL on resource	This HTTP status code indicates a problem in the NTFS file system permissions. This problem may occur even if the permissions are correct for the file that you are trying to access. For example, this problem occurs if the IUSR account does not have access to the C:\Winnt\System32\Inetsrv directory. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942042 Error message when you try to browse a webpage that is hosted on a server that is running IIS 7.0: "HTTP Error 401.3 - Unauthorized"
401.4	Authorization failed by filter	An ISAPI filter does not let the request be processed because of an authorization problem. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942079 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 401.4 - Authorization failed by filter"
401.5	Authorization failed by ISAPI/CGI application	An ISAPI application or a Common Gateway Interface (CGI) application does not let the request be processed because of an authorization problem. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942078 Error message when you visit a website that is hosted on a computer that is running IIS 7.0: "HTTP Error 401.5 - Authorization failed by ISAPI/CGI application"
403.1	Execute access forbidden	The appropriatelevel of the Execute permission is not granted. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942065 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.1 - Forbidden"
403.2	Read access forbidden	The appropriate level of the Read permission is not granted. Verify that you have set up IIS 7.0, IIS 7.5, and IIS 8.0 to grant the Read permission to the directory. Additionally, if you use a default document, verify that the default document exists. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942036 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.2 - Forbidden"
403.3	Write access forbidden	The appropriate level of the Write permission is not granted. Verify that the IIS 7.0, IIS 7.5, and IIS 8.0 permissions and the NTFS file system permissions are set up to grant the Write permission to the directory. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942035 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.3 - Forbidden"
403.4	SSL required	The request is made over a nonsecure channel, and the web application requires a Secure Sockets Layer (SSL) connection. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942070 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.4 - Forbidden"
403.5	SSL 128 required	The server is configured to require a 128-bit SSL connection. But, the request is not sent by using 128-bit encryption. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942069 Error message when you try to browse a webpage that is hosted on IIS 7.0: "HTTP Error 403.5 - Forbidden"
403.6	IP address rejected	The server is configured to deny access to the current IP address. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942068 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.6 - IP Address Rejected"
403.7	Client certificate required	The server is configured to require a certificate for client authentication. But, the client browser does not have an appropriate client certificate installed. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942067 Error message when you try to run a web application that is hosted on a server that is running IIS 7.0: "HTTP Error 403.7 - Forbidden"
403.8	Site access denied	The server is configured to deny requests based on the Domain Name System (DNS) name of the client computer. For more information about how to resolve this problem, click the following article number to view the article in the Microsoft Knowledge Base: 942066 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.8 - Forbidden"
403.12	Mapper denied access	The page that you want to access requires a client certificate. But, the user ID that is mapped to the client certificate is denied access to the file. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942064 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.12 - Client Certificate Denied"
403.13	Client certificate revoked	The client browser tries to use a client certificate that was revoked by the issuing certification authority. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942063 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.13 - Forbidden"
403.14	Directory listing denied	The server is not configured to display a content directory listing, and a default document is not set. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942062 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.14 - Forbidden"
403.16	Client certificate is untrusted or invalid.	The client browser tries to use a client certificate that is not trusted by the server that is running IIS 7.0, IIS 7.5, or IIS 8.0 or that is not valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942061 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.16 - Forbidden"
403.17	Client certificate has expired or is not yet valid.	The client browser tries to use a client certificate that is expired or that is not yet valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942038 Error message when you try to visit a webpage that is hosted on Internet Information Services 7.0: "HTTP Error 403.17 (Forbidden) - The client certificate has expired"
403.18	Cannot execute requested URL in the current application pool.	A custom error page is configured, and the custom error page resides in a different application pool than the application pool of the requested URL. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942037 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.18 - Forbidden"
403.19	Cannot execute CGI applications for the client browser in this application pool.	The identity of the application pool does not have the Replace a process level token user right. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942048 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 403.19 - Forbidden"
404.0	Not found.	The file that you are trying to access was moved or does not exist. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942041 Error message when you try to open a webpage that is hosted on IIS 7.0: "HTTP Error 404.0 - Not Found"
404.2	ISAPI or CGI restriction.	The requested ISAPI resource or the requested CGI resource is restricted on the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942040 Error message when you try to visit a webpage that is hosted on a computer that is running IIS 7.0: "HTTP Error 404.2 – Not Found"
404.3	MIME type restriction.	The current MIME mapping for the requested extension type is not valid or is not configured. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942032 Error message when users visit a website that is hosted on a server that is running Internet Information Services 7.0: "HTTP Error 404.3 - Not Found"
404.4	No handler configured.	The file name extension of the requested URL does not have a handler that is configured to process the request on the Web server. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942052 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.4 - Not Found"
404.5	Denied by request filtering configuration.	The requested URL contains a character sequence that is blocked by the server. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942053 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.5 - URL Sequence Denied"
404.6	Verb denied.	The request is made by using an HTTP verb that is not configured or that is not valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942046 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.6 - VERB_DENIED"
404.7	File extension denied.	The requested file name extension is not allowed. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942045 Error message when you try to browse a webpage that is hosted on IIS 7.0: "HTTP Error 404.7 - FILE_EXTENSION_DENIED"
404.8	Hidden namespace.	The requested URL is denied because the directory is hidden. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942047 Error message when you try to visit a webpage that is hosted on IIS 7.0: "HTTP Error 404.8 - HIDDEN_NAMESPACE"
404.9	File attribute hidden.	The requested file is hidden. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942049 Error message when you try to visit a website that is hosted on IIS 7.0: "HTTP Error 404.9 - File Attribute Hidden"
404.10	Request header too long.	The request is denied because the request headers are too long. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942077 Error message when you visit a website that is hosted on a server that is running Internet Information Services 7.0: "HTTP Error 404.10 - REQUEST_HEADER_TOO_LONG"
404.11	Request contains double escape sequence.	The request contains a double escape sequence. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942076 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.11 - URL_DOUBLE_ESCAPED"
404.12	Request contains high-bit characters.	The request contains high-bit characters, and the server is configured not to allow high-bit characters. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942075 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.12 - URL_HAS_HIGH_BIT_CHARS"
404.13	Content length too large.	The request contains a Content-Length header. The value of the Content-Length header is larger than the limit that is allowed for the server. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942074 Error message when you visit a website that is hosted on a server that is running Internet Information Services 7.0: "HTTP Error 404.13 - CONTENT_LENGTH_TOO_LARGE"
404.14	Request URL too long.	The requested URL exceeds the limit that is allowed for the server. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942073 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.14 - URL_TOO_LONG"
404.15	Query string too long.	The request contains a query string that is longer than the limit that is allowed for the server. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942071 Error message when you visit a website that is hosted on a server that is running IIS 7.0: "HTTP Error 404.15 - Not Found"
404.17	Dynamic content mapped to the static file handler.	For more information, click the following article number to view the article in the Microsoft Knowledge Base: 2019689 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 404.17 - Not Found"
405.0	Method not allowed.	The request is made by using an HTTP method that is not valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942051 Error message when a user visits a website that is hosted on a server that is running Internet Information Services 7.0: "HTTP Error 405.0 - Method not allowed"
406.0	Invalid MIME type.	The request is made by using an Accept header that contains a MIME value that is not valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942050 Error message when you visit a website that is hosted on a server that is running Internet Information Services 7.0: "HTTP Error 406 - Not Acceptable"
412.0	Precondition failed.	The request is made by using an If-Match request header that contains a value that is not valid. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942056 Error message when you visit a website that is hosted on Internet Information Services (IIS) 7.0: "HTTP Error 412 - Precondition failed"
500	Internal server error.	This HTTP status code may occur for many server-side reasons. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942031 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 500.0 - Internal Server Error"
500.11	Application is shutting down on the web server.	The request is not processed because the destination application pool is shutting down. Wait for the worker process to finish shutting down, and then try the request again. If this problem persists, the web application may be experiencing problems that prevent the web application from shutting down correctly.
500.12	Application is busy restarting on the web server.	The request is not processed because the destination application pool is restarting. This HTTP status code should disappear when you refresh the page. If this HTTP status code appears again after you refresh the page, the problem may be caused by antivirus software that is scanning the Global.asa file. If this problem persists, the web application may be experiencing problems that prevent the web application from restarting correctly.
500.13	Web server is too busy.	The request is not processed because the server is too busy to accept any new incoming requests. Typically, this HTTP status code means that the number of incoming concurrent requests exceeds the number that the IIS 7.0, IIS 7.5, or IIS 8.0 web application can process. This problem may occur because the performance configuration settings are set too low, the hardware is insufficient, or a bottleneck occurs in the IIS 7.0, IIS 7.5, or IIS 8.0 web application. A common troubleshooting method is to generate a memory dump file of the IIS 7.0, IIS 7.5, or IIS 8.0 processes when the error is occurring and then to debug the memory dump file.
500.15	Direct requests for Global.asax are not allowed.	A direct request for the Global.asa file or for the Global.asax file is made. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942030 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 500.15 - Direct request for global.asa are not allowed"
500.19	Configuration data is invalid.	This HTTP status code occurs because of a problem in the associated Applicationhost.config file or in the associated Web.config file. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942055 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 500.19 - Internal Server Error"
500.100	Internal ASP error.	An error occurs during the processing of an Active Server Pages (ASP) page. To obtain more specific information about the error, disable friendly HTTP error messages in the web browser. Additionally, the IIS log may show an ASP error number that corresponds to the error that occurs. For more information about ASP error messages and about the meaning of ASP error messages, click the following article number to view the article in the Microsoft Knowledge Base: 294271ASP error codes
501.0	Not implemented.	The client browser sends an HTTP-Trace verb, and the server is not configured to process the HTTP-Trace verb. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942058 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 501.0 - Not Implemented"
502.1	CGI application timeout.	A CGI application does not return a valid HTTP response in the configured time limit. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942059 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 502.1 - Bad Gateway"
502.2	Bad gateway: Premature Exit	A CGI application returns an HTTP response that is not valid to the server that is running IIS 7.0, IIS 7.5, or IIS 8.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base: 942057 Error message when you visit a website that is hosted on IIS 7.0: "HTTP Error 502.2 - Bad Gateway"
503.0	Service unavailable.	The request is sent to an application pool that is currently stopped or that is currently disabled. To resolve this issue, make sure that the destination application pool is started. The event log may give information about why the application pool is stopped or disabled.
503.2	Concurrent request limit exceeded.	The appConcurrentRequestLimit property is set to a value that is lower than the current number of concurrent requests. IIS 7.0, IIS 7.5, and IIS 8.0 do not allow more concurrent requests than the value of the appConcurrentRequestLimit property.

HTTP 401.1 - Unauthorized: Logon Failed

When you use the fully qualified domain name (FQDN) or a custom host header to browse a local Web site that is hosted on a computer that is running Microsoft Internet Information Services (IIS) 5.1 or a later version, you may receive an error message that resembles the following:

HTTP 401.1 - Unauthorized: Logon Failed

This issue occurs when the Web site uses Integrated Authentication and has a name that is mapped to the local loopback address.

Note You only receive this error message if you try to browse the Web site directly on the server. If you browse the Web site from a client computer, the Web site works as expected.

Additionally, an event message that resembles the following event message is logged in the Security Event log. This event message includes some strange characters in the value for the Logon Process entry:

Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: Date
Time: Time
User: NT AUTHORITY\SYSTEM
Computer: Computer_Name
Description: Logon Failure:
Reason: An error occurred during logon
User Name: User_Name
Domain: Domain_Name
Logon Type: 3
Logon Process: Ðùº
Authentication Package: NTLM
Workstation Name: Computer_Name
Status code: 0xC000006D
Substatus code: 0x0
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: IP_Address
Source Port: Port_Number

Note Sometimes, the strange characters that appear in this event message may resemble the following characters:

Ðù²

You may also receive an error message that resembles the following when you try to debug a Microsoft ASP.NET project in Microsoft Visual Studio 2003:

Error while trying to run project: Unable to start debugging on the web server. You do not have permissions to debug the server.

Verify that you are a member of the 'Debugger Users' group on the server.

Note The word "Web" is incorrectly capitalized in this error message.

Calls that are made from a Web service do not result in an HTTP 401 message in the IIS logs. An HTTP 401 message may be noted in the Description section of an Error event for an application that uses a Web service. For example, this behavior may occur for Microsoft Commerce Server 2002. If this behavior occurs, it is a symptom of a change that is made by Microsoft Windows Server 2003 Service Pack 1 (SP1) and the loopback check security feature.

Cause :

This issue occurs if you install Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1). Windows XP SP2 and Windows Server 2003 SP1 include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name. 

Workaround :

 Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:

322756 How to back up and restore the registry in Windows

There are two methods to work around this issue, use one of the following methods, as appropriate for your situation.

Method 1: Specify host names (Preferred method if NTLM authentication is desired)

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

1. Set the
   DisableStrictNameChecking
   registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
   281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key:
   
   

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. Right-click MSV1_0, point to New, and then click Multi-String Value.
5. Type BackConnectionHostNames, and then press ENTER.
6. Right-click BackConnectionHostNames, and then click Modify.
7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8. Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check (less-recommended method)

The second method is to disable the loopback check by setting the DisableLoopbackCheck registry key.

To set the DisableLoopbackCheck registry key, follow these steps:

1. Set the
   DisableStrictNameChecking
   registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
   281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
2. Click Start, click Run, type regedit, and then click OK.
3. In Registry Editor, locate and then click the following registry key:
   
   

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
4. Right-click Lsa, point to New, and then click DWORD Value.
5. Type DisableLoopbackCheck, and then press ENTER.
6. Right-click DisableLoopbackCheck, and then click Modify.
7. In the Value data box, type 1, and then click OK.
8. Quit Registry Editor, and then restart your computer.

" HTTP 404 " Not Found while accessing site collection from outside SharePoint 2013

I made a new Site-Collection as wiki. Everything (links,...) works fine on the server but when I want to access the wiki from outside (not localhost) the server runs in a 404 Not found error.

http://localhost/sites/wiki/Pages/Home.aspx - works fine(localhost)

http://10.38.0.15/sites/wiki/Pages/Home.aspx - doesn't work.

I checked the IIS settings, all servers are up and running. The log file has no errors in it.

Solution :

The most common cause for this is that you don't have the IIS host header configured correctly. The 404 will appear because you are hitting a different IIS web site and not the one you intended to.

If you go into IIS Manager and click on "Sites" in the right hand pane there will be a column called bindings and a column called ID.

IIS will check in the order of ID for the first site that matches. Make sure the default site is stopped. If you see bindings that look like the following:

ID 1: Bindings: *:80
ID 2: Bindings: www.yoursite.com:80

www.othersite.com will match ID 1. Any other site that doesn't specify a port or https: will be directed to ID 2. You need to ensure that the site you are trying to access matches your bindings. The "www.yoursite.com" is added to the site via "New Web Application" in SharePoint. There is a field called Host: in Central Administration. This should match what you are typing from inside and outside the server. If you need the site to respond to multiple names, you need to extend the web application.

Assuming you used the default of claims authentication, here are the instructions for that:
http://technet.microsoft.com/en-us/library/gg276325.aspx

I am not sure if this is still required in Server 2012, but disabling the loopback check might also help, although this usually results in a 401, and repeated attempts to log in. Here are the instructions for that.

http://support.microsoft.com/kb/896861

"HTTP 403 " : Acces Forbidden in Sharepoint 2013 IIS

when I 'm trying to access to a site collection in SharePoint 2013, just created. Error 403 + access denied concerning ISAPI module?

I retrieve the error in the   IIS log -> Warning:

-MODULE_SET_RESPONSE_ERROR_STATUS 
ModuleName   IsapiModule 
Notification  128 
HttpStatus 403 
HttpReason FORBIDDEN 
HttpSubStatus 0 
ErrorCode 0 
ConfigExceptionInfo
Notification EXECUTE_REQUEST_HANDLER 
ErrorCode L’opération a réussi. (0x0)

More informations about my configuration on IIS:

1) ISAPI and CGI restrictions Allowed for all dll paths
2) Handler mapping Permissions : read , script and execute for feature OwssvrHandler
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\isapi\owssvr.dll
3) Permissions acces "all rights" for everybody on foldes C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15
and C:\inetpub\wwwroot\wss\VirtualDirectories\80

Is this a problem due to the fact that Sharepoint 2010 has already been installed on the machine?

Solution :

try to allow all on iis/ISAPI and CGI (to avoid message access denied concerning ISAPI module)