Enabling Access to Bin, App_Code, App_Data and other ASP.NET Protected Folders

IT Hit WebDAV Server Engine

By default Bin, App_Code, App_Data, App_Browsers, App_GlobalResources, App_LocalResources, App_Themes, App_WebReferences folders are protected by by ASP.NET and you will be unable to create folders with such names in your WebDAV repository or access file in this folders. Usually you will need to be able to access this folders if you would like to use your WebDAV server for storing ASP.NET projects that usually contain folders with above names. As soon as all file structure is stored inside your storage there is no need in additional protection at ASP.NET level.

IIS 7.0, Windows 2008 / Vista

In IIS 7.0 you can either configure requestFiltering settings in web.config or you can remove RequestFilteringModule. To configure requestFiltering add the following lines to your web.config file:

 

<configuration>

...

 <system.webServer>

...

  <security>

   <requestFiltering>

    <!-- Allow all files with 'web.config' name. -->

    <fileExtensions>

     <clear />

    </fileExtensions>

 

    <!-- Allow all folders with 'bin', 'App_code', 'App_Data', etc names. -->                  

    <hiddenSegments>

     <clear />

    </hiddenSegments>

 

    <!-- Maximum upload file segment size in bytes is 2147483648 (2Gb) -->

    <requestLimits maxAllowedContentLength="2147483648"/>

   </requestFiltering>

  </security>

 </system.webServer>

</configuration>

If you would like to remove the RequestFilteringModule module you must fist unlock it at server level.
Open IIS MMC console and click on root server node. Than go to Modules and select RequestFilteringModule. Click Unlock. Now you can remove this module at site level. Click on your WebDAV website and go to Modules. Finally remove the RequestFilteringModule module.

Removing RequestFilteringModule in IIS 7

RequestFilteringModule protects folders both in Classic and Pipeline modes. Note that while IIS 7 also has aspnet_filter.dll configured at server and site level it does not protect folders so you do not need to remove it.

IIS 6.0 / 5.1, Windows 2003 / XP

In IIS 6.0 and 5.1 you will have to remove aspnet_filter.dll filter installed at sever level. If you host any other websites except WebDAV server in the same IIS server you will have to configure aspnet_filter.dll on each non-WebDAV website.

Open IIS MMC console and right click on Web Sites node, select Properties. In the Web Sites Properties dialog select ISAPI Filters tab and remove the filter called ASP.NET_2.0.50727.42 mapped to aspnet_filter.dll.

Removing aspnet_filter.dll in IIS 6.0 / 5.1