July 05, 2012

Security Exceptions After Moving .NET 2.0 DNN Site?

Over the past few weeks it seems that I have been doing more DotNetNuke site shuffles than I have in a long time.  From local -> production, from hosting provider a -> hosting provider b, and any combination therein.  This process is practically second nature for me as I've done it so many times.  However I had two sties that proved to be really troublesome so I though I'd share the root causes here in hopes that it might help someone!

Back Story

I've had the following happen twice to me now and was contacted by another developer that also has recently experienced the issues.  Given the nature of the issues there are a few certain things that have to be in place for it to be a problem.  First you have to be moving the site to Windows Server 2008 R2, secondly you have to be using IE to download the files to extract to the server, and lastly it appears to only affect sites running in a .NET 2.0 application pool. 

The Error

The site would move over fine, the database restored, the application configured, permissions triple checked, but as soon as the site starts a single error.  "Request for the permission of type 'System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed."  With absolutely no clean documentation outlining WHY!

I checked permissions so many times it could be considered insane but all were fine.

The Fix

The issue was actually with the file download and extraction.  Due to the security features of Windows Server 2008 R2, web downloaded content is "blocked" by default.  Just like windows 7.  Right clicking on the  file and viewing properties showed the following.  This was true to for any file within the system.

Blocked File

Now, this looks simple to resolve correct?  It is in theory, simply click "Unblock" and that file will be allowed.  The complication is that you don't know which DLL is actually causing the problem. So the more simple approach is to do the following.

Delete all of the files as they are on the server.  Download your zip file again and save locally.  Right click on the Zip file and unblock it.  THEN unzip the contents.  This makes sure that no files have the flag set!

Conclusion

With a simply process change you can avoid a nightmare!  Feel free to share any comments below.

tags: DNN, DNN Administration, Quick Tips
comments powered by Disqus

Content provided in this blog is provided "AS-IS" and the information should be used at your own discretion.  The thoughts and opinions expressed are the personal thoughts of Mitchel Sellers and do not reflect the opinions of his employer.

Content Copyright

Content in this blog is copyright protected.  Re-publishing on other websites is allowed as long as proper credit and backlink to the article is provided.  Any other re-publishing or distribution of this content is prohibited without written permission from Mitchel Sellers.