This article will walk you through setting up custom error messages to match the look and feel of your website.
Step 1 - Check that you have IIS HTTP Errors installed
- Open up the Server Manager.
- Expand the Roles node and click on Web Server (IIS) node. The IIS summary page will display in the right hand pane.
- Check that the HTTP Errors service is listed as installed under Role Services.
Step 2 - Check that the Error Pages feature delegation is set to Read/Write
In order to specify your custom error pages in your web.config file the Error Pages feature delegation must be set to read/write. This setting overrides the IIS applicationhost .config to allow the error pages to be specified further down the chain of config, i.e. in the web.config. This should be set correctly in IIS 7.5 but will need changing in IIS 7.
- Click Start > Administrative Tools > Internet Information Services (IIS) Manager.
- Click on the main server node in the left hand pane.
- In the right hand pane double click on the Feature Delegation icon under management.
- You will then be presented with a list of IIS features, you need to make sure that Error Pages is set to Read/Write . If Error Pages is set to Read Only then you will need right mouse click on Error Pages and select Read/Write .
Step 3 - Replace the standard .Net error pages with your own pages
Now that IIS is configured all you need to do is tell .Net which pages to serve when an error occurs. Each error has a status code associated with it. The most common status codes you will encounter are:
- 404 - Page Not Found
- 500 - Internal Server Error
If you are interested a list of all status codes can be found on Wikipedia.
In the following example we are going to replace the standard 404 and 500 error pages. This involves adding the following code to your web.config file.
<httpErrors errorMode="DetailedLocalOnly" existingResponse="Replace">
<remove statusCode="404" subStatusCode="-1" />
<remove statusCode="500" subStatusCode="-1" />
<error statusCode="404" path="/errors/notfound.aspx" responseMode="ExecuteURL" />
<error statusCode="500" path="/errors/pageerror.aspx" responseMode="ExecuteURL" />
The above code replaces the 500 and 404 error pages, all you need to do is replace the paths with the correct paths to your own error pages. If you would like to replace further error codes simply add another <remove> and <error> node for the relevant error code. The <httpErrors> configuration is covered in more detail in the HTTP Errors <httpErrors> article on the official IIS site.
Once your web.config file has published you should see custom error pages.
Step 4 - Exclude error pages from authentication
If you are authenticating your website then you need to make sure that your error pages are excluded from authentication. To exclude your error pages, login to Contensis and navigate to:
Management Console > Project Setup > Publishing Servers
Click on the CMS Config link, you will be presented with an editor that contains all of the CMS configuration settings. The setting you need to update is Contensis_authentication_exceptions , simply append the path to your error pages onto the end of the list separated by a comma. So in the case of the example above you would have the following exceptions:
<add key="Contensis_authentication_exceptions" value="/errors/404.aspx,/errors/500.aspx" />
Step 5 - Custom Error setting
There is also a need to add to the customErrors section of the system.web section of your web.config. In section 3, we instructed IIS to perform redirection for specific errors using the httpErrors section of system.webServer, now we tell .NET Framework to turn off customErrors. We do however register an error within the customErrors section as show below:
<error statusCode="404" redirect="/en-gb/site/Page-Not-Found.aspx" />
This setting isn't used by IIS or .NET Framework as its mode is set to "Off", but Contensis uses it in order to understand the URLs you are using for error pages. We use this value to re-write the form action URL on your error pages which allows you to use .NET controls on them, if we didn't do this a search for example would try and postback to a non-existent page and fail.