Sample web.config file for error handling Print

  • 3

Using web.config - Returning custom http error messages on IIS 7.5 
The web.config file allows you to create custom http error pages for your web site. The custom errors can be set or overridden on a site wide or directory-by-directory basis. While some web.config sections require that the directory is set as an application, this isn't one of them. A simple web.config with a httpErrors section may be placed in any directory, and the directory does NOT need to be set as an application. 

What are http errors?
HTTP errors are returned to the client when something goes wrong on the server. Error status codes are returned if the requested file isn't found (404), or due to coding errors in the web page (500), and due to temporary issues such as failed database connections (500). The most common errors are 404 (file not found) and 500 (application) errors. 

Custom 404 and 500 errors are typically used to provide a friendlier error message to your users. Custom 404 and 500 errors could also redirect the user to the default (or any) page, and are sometimes used to notify the web site administrator of problems on the web site. 

If you wish to configure custom errors for your site, or even just for a single directory in your site, please follow the directions on this page.
  • 400 Error (bad request)
  • 401 Error (unauthorized)
  • 403 Error (forbidden)
  • 404 Error (not found)
  • 500 Error (internal server error)
How it's done
Example custom HTTP errors. Comments are enclosed in <!-- --> and are not required.
  • Capture and return specific error types
    <httpErrors>
           <remove statusCode="401" subStatusCode="-1" />
           <remove statusCode="403" subStatusCode="-1" />      
           <remove statusCode="404" subStatusCode="-1" />                
           <remove statusCode="500" subStatusCode="-1" />
              <!-- full url when responsemode is Redirect -->
           <error statusCode="401" path="http://foo.com/default.htm" responseMode="Redirect" />
              <!-- local relative path when responsemode is ExecuteURL -->
           <error statusCode="403" path="/errors/403.htm" responseMode="ExecuteURL" />
           <error statusCode="404" path="/somedir/oops404.htm" responseMode="ExecuteURL" />                
           <error statusCode="500" path="/somedir/500.asp" responseMode="ExecuteURL" />
    </httpErrors>
    

Using Custom Errors
  • Use a text editor to create a file named web.config
  • Save the web.config file with the appropriate content
  • Place the web.config file in the directory that you wish to modify

Detailed web.config content
  • If there isn't an existing web.config in the directory, your new web.config should look something like this
    <?xml version="1.0"?>
    <configuration>
       <system.webServer>
          <httpErrors>
            <remove statusCode="401" subStatusCode="-1" />
            <remove statusCode="403" subStatusCode="-1" />      
            <remove statusCode="404" subStatusCode="-1" />                
            <remove statusCode="500" subStatusCode="-1" />
              <!-- full url when responsemode is Redirect -->
            <error statusCode="401" path="http://foo.com/default.htm" responseMode="Redirect" />
              <!-- local relative path when responsemode is ExecuteURL -->
            <error statusCode="403" path="/errors/403.htm" responseMode="ExecuteURL" />
            <error statusCode="404" path="/somedir/oops404.htm" responseMode="ExecuteURL" />                
            <error statusCode="500" path="/somedir/500.asp" responseMode="ExecuteURL" />
          </httpErrors>
          <modules runAllManagedModulesForAllRequests="true"/>
       </system.webServer>
    </configuration>
    

  • If there is an existing web config, without a <system.webServer> section... Your new web.config should look like this
    <?xml version="1.0"?>
    <configuration>
       <system.web>
         .. existing text ..
         .. existing text ..
       </system.web>
       <system.webServer>
          <httpErrors>
            <remove statusCode="401" subStatusCode="-1" />
            <remove statusCode="403" subStatusCode="-1" />      
            <remove statusCode="404" subStatusCode="-1" />                
            <remove statusCode="500" subStatusCode="-1" />
              <!-- full url when responsemode is Redirect -->
            <error statusCode="401" path="http://foo.com/default.htm" responseMode="Redirect" />
              <!-- local relative path when responsemode is ExecuteURL -->
            <error statusCode="403" path="/errors/403.htm" responseMode="ExecuteURL" />
            <error statusCode="404" path="/somedir/oops404.htm" responseMode="ExecuteURL" />                
            <error statusCode="500" path="/somedir/500.asp" responseMode="ExecuteURL" />
          </httpErrors>
          <modules runAllManagedModulesForAllRequests="true"/>
       </system.webServer>
    </configuration>
    

  • If your existing web.config already has a <system.webServer> section, just add the <httpErrors> section
    <?xml version="1.0"?>
    <configuration>
       <system.web>
         .. existing text ..
         .. existing text ..
       </system.web>
       <system.webServer>
          <httpErrors>
            <remove statusCode="401" subStatusCode="-1" />
            <remove statusCode="403" subStatusCode="-1" />      
            <remove statusCode="404" subStatusCode="-1" />                
            <remove statusCode="500" subStatusCode="-1" />
              <!-- full url when responsemode is Redirect -->
            <error statusCode="401" path="http://foo.com/default.htm" responseMode="Redirect" />
              <!-- local relative path when responsemode is ExecuteURL -->
            <error statusCode="403" path="/errors/403.htm" responseMode="ExecuteURL" />
            <error statusCode="404" path="/somedir/oops404.htm" responseMode="ExecuteURL" />                
            <error statusCode="500" path="/somedir/500.asp" responseMode="ExecuteURL" />
          </httpErrors>
          <modules runAllManagedModulesForAllRequests="true"/>
       </system.webServer>
    </configuration>
    


Was this answer helpful?

« Back