IIS - Exe files on Windows 2003 Server IIS6....

Asked By jim

04-May-08 02:14 AM

I have some exe files in a "files" directory on Windows 2003 Standard
Edition Server running IIS.

The  "files" directory is a sub-directory of a site on the server that
functions as expected except for when you click a link to any *.exe file in
this directory.  If you try and access and exe file, you get a 404 "File not
found" error.

The files are on the server and in the proper location, so it must be a
security setting of some type.  The problem is.....what type?

Do you know why I cannot access the exe files on this site?

Any help that you could offer would be greatly appreciated.

Thanks!

04-May-08 02:34 AM

Well, I found the answer at ....
http://blogs.msdn.com/david.wang/archive/2005/07/11/Allow_file_downloads_on_IIS_6.aspx

Basically, David Wang said......

Your error message indicates that you have "Scripts and Executables"
enabled, so IIS is trying to execute the .exe file on the web server, and
since the .exe is not allowed by any defined Web Service Extension, a 404.2
results. The corrective action depends on what you want to do.

1.. If you want to allow .exe files to be downloaded as-is to the browser,
then you must NOT have "Scripts and Executables" as Execute Permissions.
2.. If you want to execute the .exe file on the server to generate a
response that is sent to the browser (possibly interpreted as a download),
then you MUST have "Scripts and Executables" as Execute Permissions, and you
must enable a Web Service Extension for that .exe file.
Details
Whenever the user makes the browser request a resource like
to happen:

1.. Return the file contents of myapp.exe as-is to the browser (aka file
download)
2.. Execute myapp.exe on the web server to generate a dynamic response
(aka execute CGI script)
Now, the web server controls which action should happen, and on IIS, this is
controlled by the "Execute Permissions" property of the virtual directory
containing the .exe file. If the permission is set to "Scripts and
Executables", then IIS will do action #2. Otherwise, it will do action #1.

Prior to IIS 6.0, there were no further security checks against either
action. On IIS 6.0, there is one additional security check, depending on the
action:

1.. For action #1, the file resource's extension (.exe in this case) must
have a defined MIME Type or else a 404.3 occurs. .exe has a MIME Type of
application/octet-stream by default, so file download should just work.
2.. For action #2, there must be an enabled Web Service Extension for the
full path to the .exe resource to allow IIS to execute it to generate a HTTP
response or else a 404.2 occurs. For securety reasons, IIS 6 does not allow
any resource to execute by default unless otherwise configured/allowed in
Web Service Extension.
//David"

Kudos to David Wang and his wonderfully short and to-the-point advice!
(Bookmarking his site wouldn't be a bad idea either...)

jim

06-May-08 02:40 AM

Thanks for finding and answering your own question! :-)

That is what I am hoping the blog can do -- be a searchable repository
of answers and advice that I commonly encounter, condensed in the way
that I want (instead of the little mess I have to go through to get it
published otherwise).


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//



005/07/11/Allow_file_downlo...
2
ser,

ou

le

is

he
ust
the
TP
w