We are using the request filtering for file extensions in our web.config like so:
<fileExtensions allowUnlisted="false">
<add fileExtension="." allowed="true" />
<add fileExtension=".aspx" allowed="true" />
<add fileExtension=".ashx" allowed="true" />
<add fileExtension=".asmx" allowed="true" />
<add fileExtension=".axd" allowed="true" />
<add fileExtension=".html" allowed="true" />
<add fileExtension=".htm" allowed="true" />
However we have run into a problem. When we go to a url with a directory with a dot in it, for example "https://localhost/myamazing.folder" it will return a "HTTP Error 404.7 - Not Found" since it now thinks that its an extension that's not allowed.
When allowUnlisted is set to true, or without any filtering, iis will perform a courtesy redirect because its a folder. Is there anyway to keep this redirect behavior intact while still filtering extensions?
This is iis default security setting if you want to allow the unspecified extension you need to enable it by using
another way is set allow file name extension and then set allow URL by following below step:
In the "URL" tab allow the list of URLs->add the URL which you only want to allow. that's how it will redirect URL /myamazing.folder to /myamazing.folder/
if you are using asp.net mvc site you can refer to below link:
Dots in URL causes 404 with ASP.NET mvc and IIS