I have a Wordpress blog installed in a IIS 8.5 machine and I'm using forms authentication using the following:
<authentication mode="Forms">
<forms loginUrl="/login/login.aspx" name="authcookies" protection="All" timeout="30" path="/">
</forms>
</authentication>
I also have:
<authorization>
<deny users="?" />
</authorization>
to prevent unauthenticated users from accessing the blog.
When I try to access www.test.com/blog
when I'm unauthenticated it redirects me to the login page but if I go to www.test.com/blog/subdir
it ignores the authentication.
Any ideas?
You will need to add a handler to force IIS to run requests for php pages through the .net authorisation pipeline. Add this to the web.config inside the /blog directory:
<handlers>
<add name="phpauth" path="*" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="None" preCondition="classicMode,runtimeVersionv4.0,bitness64" />
</handlers>
Make sure the preCondition matches the bitness and runtime version of your app pool
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.