權限與靜態檔控制改進:
- 修正 admin 目錄預設頁路由,避免 403.14 與不必要的延遲重導 - 停用未使用的 Sites 多站點初始化,減少應用程式啟動成本 - 修正 Response.Redirect 後未 return 的流程,避免 1.8 分鐘超時 - 將資料庫 Connection Timeout 降為 10 秒,加速失敗回應 - 將 runAllManagedModulesForAllRequests 設為 false,讓 JS/CSS 等靜態檔案直接由 IIS 回應
This commit is contained in:
@@ -44,8 +44,8 @@
|
||||
<connectionStrings>
|
||||
<!--SQL用-->
|
||||
<!-- -->
|
||||
<add name="shopConn" providerName="System.Data.SqlClient" connectionString="Data Source=localhost;Initial Catalog=17168erp_t;User ID=17168erp;Password=17168erp;Encrypt=False;TrustServerCertificate=True;Provider=SQLOLEDB;" />
|
||||
<add name="ezEntities" connectionString="metadata=res://*/App_Code.Model.Model.csdl|res://*/App_Code.Model.Model.ssdl|res://*/App_Code.Model.Model.msl;provider=System.Data.SqlClient;provider connection string="Data Source=localhost;Initial Catalog=17168erp_t;User ID=17168erp;Password=17168erp;Encrypt=False;TrustServerCertificate=True;"" providerName="System.Data.EntityClient" />
|
||||
<add name="shopConn" providerName="System.Data.SqlClient" connectionString="Data Source=localhost;Initial Catalog=17168erp_t;User ID=17168erp;Password=17168erp;Encrypt=False;TrustServerCertificate=True;Provider=SQLOLEDB;Connection Timeout=10;" />
|
||||
<add name="ezEntities" connectionString="metadata=res://*/App_Code.Model.Model.csdl|res://*/App_Code.Model.Model.ssdl|res://*/App_Code.Model.Model.msl;provider=System.Data.SqlClient;provider connection string="Data Source=localhost;Initial Catalog=17168erp_t;User ID=17168erp;Password=17168erp;Encrypt=False;TrustServerCertificate=True;Connection Timeout=10;"" providerName="System.Data.EntityClient" />
|
||||
<!--SQL用-->
|
||||
</connectionStrings>
|
||||
<!--
|
||||
@@ -110,8 +110,31 @@
|
||||
<httpRuntime requestValidationMode="2.0" enableVersionHeader="false" />
|
||||
</system.web>
|
||||
<system.webServer>
|
||||
<!-- 設定預設文檔,解決目錄存取問題 (403.14) -->
|
||||
<!-- 適用於 IIS Express、IIS 根目錄、IIS 虛擬目錄/應用程式 等所有部署情境 -->
|
||||
<defaultDocument enabled="true">
|
||||
<files>
|
||||
<!-- 先移除可能存在的項目,避免重複錯誤 -->
|
||||
<remove value="index.aspx" />
|
||||
<remove value="Default.aspx" />
|
||||
<remove value="default.aspx" />
|
||||
<remove value="index.htm" />
|
||||
<remove value="index.html" />
|
||||
<!-- 然後按優先順序添加 -->
|
||||
<add value="index.aspx" />
|
||||
<add value="Default.aspx" />
|
||||
<add value="index.htm" />
|
||||
<add value="index.html" />
|
||||
</files>
|
||||
</defaultDocument>
|
||||
<!-- 支援路由有"." https://stackoverflow.com/questions/9273987/asp-net-mvc-url-route-supporting-dot -->
|
||||
<modules runAllManagedModulesForAllRequests="true" />
|
||||
<!-- 改為 false 提升靜態檔案效能(JS/CSS/圖片直接由 IIS 處理,不走 ASP.NET 管線)-->
|
||||
<!-- WebAPI 和 ASPX 頁面仍會正常處理 -->
|
||||
<modules runAllManagedModulesForAllRequests="false">
|
||||
<!-- 保留 UrlRoutingModule 讓 Web API 路由正常運作 -->
|
||||
<remove name="UrlRoutingModule-4.0" />
|
||||
<add name="UrlRoutingModule-4.0" type="System.Web.Routing.UrlRoutingModule" />
|
||||
</modules>
|
||||
<!--修補弱點:IIS 目錄列舉-->
|
||||
<security>
|
||||
<requestFiltering>
|
||||
|
||||
Reference in New Issue
Block a user