How to troubleshoot the Web server

With the continuous improvement of information requirements, I believe that most units will set up their own Web servers to publish information on the Internet and promote themselves. In order to ensure that any Internet user can access the content in the Web server smoothly, the network administrator often needs to set up an IIS server before the official release of Web information to ensure the consistent and stable operation of the company's website. However, many times, we will encounter the situation that the Web server fails to access. In the face of Web server failures, we often behave in a hurry and don't know where to start to solve these Web server failures. In fact, there are many factors that cause Web server failures, and we need to investigate them one by one in order to effectively solve the corresponding Web server failures. Web server failure phenomenon In order to fully display the image of the unit and expand the visibility of the unit, the unit leader requires the network administrator to come up with a plan immediately and establish a personalized website, which not only ensures that employees in the unit can access the website normally through the intranet, but also ensures that users outside the network can quickly access the content of the unit's website. According to the instructions of the leader, the network administrator immediately took action, chose a computer with very efficient running performance as the server system, installed and configured the Windows Server 2003 system in it, and built a Web server by using the IIS component of the system. In order to improve the access speed of the website, the network administrator specially connects the computer where the website is located directly to the unit gigabit core switch, and sets the IP address of the target host as the address of the computer in the same network segment as that used by the ordinary employees of the unit. At the beginning, all users, whether intranet users or extranet users, can access the company website normally. However, it didn't take long for the company's intranet users to encounter the failure of the Web server when visiting the website. Specifically, no matter which client system they start from, when they use the intranet address to access the company's target site, an authentication dialog box will pop up on the system screen, asking the company employees to enter the access account and password. However, when the network administrator tried to log in as the website system administrator, he found that he could never log in. What is even more incomprehensible is that when the network administrator rushed to the Web server site to check its security configuration, he found that the login authentication setting was not enabled at all on the target site. How does the authentication dialog box pop up? Troubleshooting of Web Server Because there are many factors that cause the failure of this kind of Web server, we must investigate all possible factors in turn and find out the specific reasons for the failure of the Web server. Hefei Network Company analyzes how to take targeted measures to quickly solve the fault phenomenon: 1. Check the secure login settings. Considering that when visiting the target Website, the system will pop up an authentication dialog box, which means that the target website may be configured incorrectly in terms of secure login, resulting in users having to enter access when accessing web content. According to this analysis idea, the network administrator is going to check the security login configuration parameters of the Web server first to see if the settings are correct; In order to realize this, the network administrator immediately goes to the site of the target Web host, logs in with a privileged account, clicks the Start/Settings/Control Panel option in turn, finds the "Management Tool" function icon from the pop-up system control panel window, and double-clicks the icon option with the mouse to enter the management tool list window of the corresponding system; Then double-click the IIS function icon with the mouse to pop up the IIS console window of the corresponding system, find the computer name where the target Website is located from the list area on the left side of the window, click the computer name with the right mouse button, and execute the "Properties" command from the pop-up right-click menu to pop up the property setting window of the target web host; Click the "Directory Security" tab in the property setting window to open the directory security option setting page; Next, click the "Edit" button on the right side of the authentication and access control settings item on the settings page to enter the authentication and access control settings dialog box. The network administrator found that anonymous access, integrated Windows authentication and other options were all selected, so he tried to deselect these parameter options and then re-access the Web from a computer in the intranet, but the same fault still existed. Therefore, the network administrator once again chose the two options of "anonymous access" and "integrated Windows authentication", but to his great disappointment, there seems to be a failure whether the above two options are selected or not, which shows that the secure login setting of the target Web host has nothing to do with the above failure. 2. Check the Internet connection settings. Since the login settings and permission settings cannot affect the access failure of the Web server, the problem may be elsewhere. Considering that after the company's Web server is successfully built, the network management rarely changes, and the possibility of problems in the server itself is relatively small, so the network management decided to start with the network connection settings of ordinary clients to see if it is caused by the clients themselves. The network administrator is worried that there may be ARP virus in the local area network, which will cause Internet packets to be forcibly forwarded to other hosts when ordinary client systems visit the target website. So he immediately logged into the background system of the core switch in the company's local area network, and used the diagnostic command provided by the system to scan and diagnose every internet port in the intranet. The results show that all internet ports are in normal working condition, and there is no address conflict caused by ARP virus in the intranet, indicating that there is no ARP virus in the intranet. Then the network administrator tested the connectivity of several common client systems, and found that their status was normal, and it was also normal when the ping command was executed from the client system to test the connectivity of the IP address of the target website, indicating that the common client systems can access the target website normally. Later, the network administrator worried that the client system would use the proxy LAN to access the Internet, because when accessing the target website in this way, the login account and password of the proxy server need to be entered first. When we visit the website for proxy server, will the authentication dialog box pop up on the system screen? In order to eliminate this factor, the network administrator immediately opens the IE browser window of the client system, clicks "Tools"/"Internet Options" in turn, opens the Internet Options Settings dialog box, and clicks the "Connect" tab. In the corresponding tab settings page, the network administrator found that the local client system did not enable proxy settings, indicating that the failure of Web server access has nothing to do with the internet connection settings of the client system. 3. Check whether the access right of the directory is the home directory pointed by the target website, and restrict the access right of ordinary users. Related to this, when building an FTP site, ordinary users will not be able to log in to the FTP site through IE browser without opening user access rights to the home directory of the FTP site. Then, the network administrator immediately opens the system resource manager window of the target website, finds the corresponding home directory, clicks the home directory with the right mouse button, executes the "Properties" command in the pop-up shortcut menu, and opens the property setting dialog box of the corresponding home directory; Click the Security tab, and the network administrator can see that there is no access to anyone's account. Is it because everyone account is not authorized, which leads to the failure of Web server access? In order to verify whether this guess is correct, the network administrator immediately clicks the "Add" button on the security option setting page, adds the everyone account to the account list, and sets the appropriate access rights for the account. Finally, he clicks OK to save the settings. He thought this setting operation could solve the problem, but when the network administrator tried to access the website from the ordinary client system again, he found it was still unsuccessful. Obviously, the cause of the above failure phenomenon may not be directory access. 4. Check the authorization mode configuration. After excluding the client system's own factors, the network administrator once again focused on the Web server. After consulting related questions on the Internet, the network administrator estimated that the authorization mode of the Windows Server 2003 server system may be accidentally modified, because if the server authorization mode is set incorrectly, it is likely that no matter what login account the user enters, it will be invalid. Therefore, the network administrator immediately logs into the Web server system, clicks the Start/Setup/Control Panel command in turn, and then double-clicks the authorization icon in the pop-up control panel window to pop up the authorization mode configuration window, in which the network administrator finds that the target website is currently using the per-server authorization mode. In order to determine whether this parameter has an impact on Web access, the network administrator changes the authorization mode to the "per device or user" option and restarts the Web server system. However, this adjustment has not achieved any effect. It seems that the configuration of authorization mode has no direct impact on Web access operations. 5. Check other Web services. After the above investigation, the network administrator confirmed that the Web server and client system were in normal condition, and the company's intranet lines were also normal. Then why does the client system pop up an authentication dialog box when visiting the company website, and it is useless to enter any user account? After careful analysis, the network administrator estimates that there may be other Web services in the LAN at the same time, and other Web services just grab the site address of the company's Web server. Finally, when employees visit the Web, they actually ask another website that is not configured correctly. Just as the network administrator was about to check whether there were other Web services in the LAN, a faulty phone suddenly called in, saying that the newly bought printer of the company suddenly could not print normally on the network. So will this failure be related to the failure of Web server access? In view of this, the network administrator immediately rushed to the site of the network printer, logged into the background management page of the device, checked its configuration parameters, and found that the log page of the device suggested that there was an address conflict. After careful examination, the network administrator found that the address of the conflict was actually the address of the company's website. When we access the target site from the intranet client system, do we access the printer background management system? Because of the address conflict, the network administrator immediately reassigned an address for the network printer, and then he visited the target website again, this time successfully opening the content of the corresponding site. Obviously, the failure of the Web server has been successfully solved. Web server fault summary After more in-depth inspection, the network administrator found that the printer device runs the Web service by default, so that the printing user can remotely manage the printing device through the Web. By default, the anonymous access function is not enabled for network printers, so when the network printer uses the IP address of the company website, the online users actually visit the background management page of the printer and need to be authenticated, which is why the authentication dialog box pops up when ordinary users visit the target site, and the network administrator can't log in successfully no matter what user account they enter. This is why the Web server failed. Looking back at the troubleshooting process of the Web server above, we find that the troubleshooting of the Web server is actually very simple. If we can notice the addition of network printers in the local area network in time, we may be able to notice that this change will affect the failure of the Web server when troubleshooting. Therefore, before troubleshooting network faults in the future, we should first observe whether the network environment has changed, and if so, we should make targeted thinking and association on the changes, so as not to take detours to solve the faults.