Accessing a site from within Windows 2012 server throws 401 unauthorized error (by displaying the Windows Prompt repeatedly)

Too often when we want to try accessing a website hosted in IIS in Windows Server 2012 configured under Windows Authentication, from within the server, we are repeatedly presented with the "Windows Prompt" even after providing the correct credentials.  Per Microsoft, this behavior is per design and to access the site we had to perform the below modification in the Registry:

  1. Run "Regedit"
  2. Expand HKEY_LOCAL_MACHINE -> SYSTEM -> CurrentControlSet -> Control -> Lsa -> MSV1_0
  3. Look for a key named "BackConnectionHostNames".  If it doesnt exist then create a new one, by right-clicking onthe empty space and choose New -> Multi-String Value and provide the name as "BackConnectionHostNames"
  4. Now add the name of the site (FQDN address), example
  5. Click Ok.

Now if you try accessing the site, it will load without prompting for credentials.  For more information on this topic visit,

2,501 total views, no views today

Into to the (New) IIS Worker Process Feature

What is IIS Worker Process?

IIS Worker processes are spawned by WAS (Windows Process Activation Service) and executed by W3wp.exe.  The concept of Worker Process was introduced in IIS 6.0 which helps to physically isolate applications during execution and achieve true process isolation.  In other words,  every ASP.NET Application when hosted in IIS will be loaded into a Worker Process (when the first request is received), at which point the Application_Start event is fired in Global.asax to handle custom logic relating to application initialization.

How are Worker Processes controlled and managed?

Worker Processes are controlled through the settings defined in the Application Pool, Web.Config, Machine.Config and through "appcmd" command line utility. Even though most of the times we leave majority of the settings unchanged, when facing issues related to performance, security etc., one would need to dive deep to modify the settings appropriately to maintain application health in the long run.

Continue reading

2,105 total views, no views today

Identifying DeviceType using “UserAgent” in ASP.NET

A number of blogs and sites already has written on how we could use “UserAgent” to identify the device type, OS, browser version etc., of the requestor.  But when it came to .net except for the “Request.Browser.IsMobileDevice” there isn’t any inbuilt mechanism to identify the type of device.  Another caveat is that the “Request.Browser.IsMobileDevice” isn’t foolproof and doesn’t support all devices that exist in the market either.

When I had to look for pre-existing options, I stumbled upon some HttpModules ( which offers limited properties free of cost, but the rest is offered based on license fee.  There are also free downloads offered by WURFL ( that provides a database bank of all (known) UserAgents for use in projects.

Continue reading

1,607 total views, no views today