Configure the PHP running environment in FastCGI mode on IIS7.0, and test that the PHP program can run normally , deploy the PHP program and import the original data and configuration information of the program. Problems will arise soon. We will record them in detail below.
Today I am going to run a php demo under IIS. The configuration of the website under IIS is as follows:
The application pool is .net framework 2.0 in integrated mode (2.0 or 4.0 does not matter, because PHP runs in fastCGI mode), the application pool identity is configured as IIS built-in NETWORKSERVICE, and the authentication method used is anonymous identity verify.
Open the local website and access the php page, but a 500 error occurs.
Well, it’s a permissions issue. The simplest solution is to set the permissions of C:UsersAdministratorPhpstormProjectsphpDemo to Everyone and allow full control:
Re-visit the php page, successful:
The above method is simple enough, but it is also too unsafe. It is usually no problem to set up a local demo to do this, but when it is actually online, it will cause problems sooner or later.
So I reset it and gave the read-only permissions in the directory to the NETWRORKSERVICE account and tried again
However, the problem is still not solved. When accessing, a 401 error occurred
The error message includes that the logged-in user is anonymous. Check the authentication under the website (then click Anonymous Authentication->Edit). It turns out that by default, the website uses the default login user when the login method is anonymous. For IUSR (the anonymous login user we see)
Then the solution is:
1. Set IUSR to the read permission of C:UsersAdministratorPhpstormProjectsphpDemo, similar to the previous setting of NETWORKSERVICE.
2. Or choose to use the application pool identity.
After testing, both methods 1 and 2 were successful.
Note: NETWORKSERVICE belongs to the iis_iusers user group in IIS7. The previous settings for NETWORKSERVICE can also be changed to the settings for iis_iusers, which can also solve the problem, but the permissions have been further relaxed.
The above is the entire content of this article, I hope you all like it.