IIS Hidden Static Files Return HTTP 404 or Access Denied Errors

ID: Q216803

The information in this article applies to:
  • Microsoft Internet Information Server versions 3.0, 4.0
  • Microsoft Internet Information Services version 5.0

SYMPTOMS

Static files that have the hidden attribute set may return an HTTP 404 or an Access Denied error when browsed, while dynamic files can still be browsed.


CAUSE

This behavior is by design.


RESOLUTION

Configuring access control for all Web files should always be implemented through NTFS permissions.


MORE INFORMATION

Dynamic files such as Active Server Pages (ASP) or Server-Side Includes (SSI) are implemented through script-mapped ISAPI extensions, in this case the Asp.dll and Ssiinc.dll files respectively. These extensions preprocess the executable code in the files being requested and can therefore read hidden files and return the expected HTML output to a client. Direct Web browsing of hidden static files results in a "File not Found" or an "Access Denied" error message.

Additional query words:

Keywords :
Version : winnt:3.0,4.0,5.0
Platform : winnt
Issue type :


Last Reviewed: February 2, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.