| Author |  | 
| glsmith Moderator
 
  
 Joined: 16 Oct 2007
 Posts: 2268
 Location: Sun Diego, USA
 
 | 
|  Posted: Wed 21 Jun '17 2:58    Post subject: Looking for people with IIS and nginx on Win |   |  
| 
 |  
| I would like to find out how IIS and nginx on Windows reacts to http://domain/con 
 On Windows "con" is reserved for some reason and you cannot create a directory named con or any file named con regardless of the extension or none at all. So on Windows this file/directory name cannot exist and therefor one would think we would get a 404 right?
 
 Wrong, at least Apache on Windows it gives a 403. I'd like to know how the other web servers deal with it.
 
 This only happens on Windows as *nix doesn't have this reserved word.
 http://www.apache.org/con
 
 The 403 is technically correct but can be used to see if there's an Apache on Windows answering (fingerprinting).
 
 While I could set up an IIS and nginx on my own computers, I'd rather not have to just to test a single URL.
 
 TIA
 
 By the way I'm not making anything public that isn't already out in the wild.
 https://bz.apache.org/bugzilla/show_bug.cgi?id=55887
 
 3 and a half years now and I cannot understand how I've missed seeing this in all that time. While I don't venture into bugzilla as much as I should, I've looked through it many times since that was posted.
 |  | 
| Back to top |  | 
| yosoyminero 
 
  
 Joined: 16 Jun 2015
 Posts: 11
 Location: Spain
 
 | 
|  Posted: Wed 21 Jun '17 14:20    Post subject: |   |  
| 
 |  
| If you want to experiment with Nginx and IIS Express, you can try with xtack. 
 Check out https://xtack.org
 |  | 
| Back to top |  | 
| admin Site Admin
 
  
 Joined: 15 Oct 2005
 Posts: 706
 
 
 | 
|  Posted: Wed 21 Jun '17 15:34    Post subject: |   |  
| 
 |  
| @yosoyminero :  maybe you can verify it for Gregg ? |  | 
| Back to top |  | 
| mraddi 
 
 
 Joined: 27 Jun 2016
 Posts: 152
 Location: Schömberg, Baden-Württemberg, Germany
 
 | 
|  Posted: Wed 21 Jun '17 22:30    Post subject: |   |  
| 
 |  
| Checked NginX 1.13.1.1 x32 (and Apache 2.4.26 x64) on Windows 7 x64. Access to http://localhost/con (=Apache) results in a 403 (as already mentioned by glsmith).
 Access to http://localhost:1080/con (=NginX) results in a 500 with the following message in the error.log:
 
  	  | Code: |  	  | 2017/06/21 22:23:43 [crit] 7360#1128: *1 GetFileInformationByHandle() "c:/srv/www/con" failed (6: FormatMessage() error:(15100)), client: 127.0.0.1, server: localhost, request: "GET /con HTTP/1.1", host: "localhost:1080" | 
 |  | 
| Back to top |  | 
| glsmith Moderator
 
  
 Joined: 16 Oct 2007
 Posts: 2268
 Location: Sun Diego, USA
 
 | 
|  Posted: Thu 22 Jun '17 1:34    Post subject: |   |  
| 
 |  
| @mraddi 
 Thank you, the GetFileInformationByHandle() "c:/srv/www/con" failed I would expect. 500 seems odd though not really incorrect. Nor the 403 from Apache cause nothing can get to anything named con in Windows.
 |  | 
| Back to top |  | 
| glsmith Moderator
 
  
 Joined: 16 Oct 2007
 Posts: 2268
 Location: Sun Diego, USA
 
 | 
|  Posted: Thu 22 Jun '17 1:48    Post subject: |   |  
| 
 |  
| I figured out a way to get IIS's responses thanks to the SSLLabs server test. I've often looked at failed tests and remember of those I've looked at overs the years there have been many IIS servers being tested. There's plenty of everything failing but I can easily get URLs for IIS this way where I cannot find out what OS an nginx is running on unless maybe I also check with netcraft. 
 So far I've uncovered IIS/6 403s, IIS/10 404s. I had a IIS/7.5 to try but it erred and then erred again when trying to serve me up a custom error document so that ruined that server.
 |  | 
| Back to top |  | 
| glsmith Moderator
 
  
 Joined: 16 Oct 2007
 Posts: 2268
 Location: Sun Diego, USA
 
 | 
|  Posted: Sat 24 Jun '17 1:24    Post subject: |   |  
| 
 |  
| After backing backing up everything important and not caring if my hard drive dies (Windows is warning) I went and read the other info linked in the bug report and it looks worse. 
 aux|con|com[1-9]|lpt[1-9]|nul|prn
 
 All are reserved so I've added them to the patch I worked up for this PR. For the uber paranoid until this makes it to 2.4 (if ever) here it is
 
 Edit: Patch removed, back to drawing board.
 |  | 
| Back to top |  |