IT Nota

You are here: Home / How To / How to Customize 401 Error Page with 302 Redirect on IIS

How to Customize 401 Error Page with 302 Redirect on IIS

Continuing from the last post on customizing 401 error page on IIS, there’s a different way to do so by using 302 Redirection.

Using this method is actually a bit more simple to do, it’s just that you have to create a second website with a landing page to serve as your error page. Not everyone has this privilege to just have a second instance created in production environment, so it’s always good to have more options.

When you need to restrict access to your web application on IIS, any unauthorized users will see the standard 401 Error Page from IIS:

401 – Unauthorized: Access is denied due to invalid credentials. You do not have permision to view this directory or page using the credentials that you supplied.

Server Error 401

Instead of serving a default 401 Error Page, it’s always good to show a customized 401 page that is more user-friendly. Here’s a one way to do it by using a page redirect.

Steps to Use Custom 401 Error Page using 302 Redirect in IIS

  1. Create an HTML page as our custom 401 page. In this example, it will be called ITNOTA-Custom-401.htm.

    Simple custom 401 error page in HTML

  2. Create an instance in IIS just for this file and set this file as the main landing page (or use it as your index.htm). For this example, we’ll set this up as fwd.itnota.com with a file name of ITNota-Custom-401.htm.

  3. Next, launch Internet Information Services (IIS) Manager and click on your site on the left pane.

  4. Click on Error Pages.

    IIS Site Error Pages Settings

  5. On the next screen, you will see a list of default error pages according to its Status Code. In this example, we want to select 401.

    IIS Site Error Page 401

  6. On the Edit Custom Error Page window, click on the Respond with a 302 redirect radio button and type in the URL of the second website where your custom 401 page resides, including the file name, then click OK.

    IIS Custom 401 Error Page using 302 Redirect

That’s all there is to it.

As a test, we can try to load the page and this is also where using 302 redirect is different than using a static page within the same instance. If using Windows Authentication, you will not see the Windows Security screen to enter your NTID and password. It does the authentication in the background and if you’re not authorized, you will right away be redirected to the second web page that hosts the 401 custom page.

IIS Render Custom 401 Error Page HTML

Yes, it’s almost like an anti-climax to see a plain custom 401 error page being displayed. I hope you can come up with a much better design than my example to make all the effort worthwhile.

This setting for a custom 401 using 302 redirect works for both ASP.NET and Classic ASP.

Further Reading

How to Use Custom 401 Error Page on IIS
How to Fix Access Denied (401) Error in Microsoft IIS

Leave a Reply

Your email address will not be published.

Recent Posts

Tags

.NET Access AdSense ASP.NET Cdonts Dll Classic ASP Code Editor ETL FSharp Genesis Framework Git Google HP Asset Manager HTML HTML5 Hugo IIS Information Security Internet Internet Information Services iOS JAMStack Linux macOS Microsoft Microsoft SQL Server MVC PHP Python Simple Mail Transfer Protocol Smtp Server Social Media SQL SQL Server SSIS SSMS SSRS Sublime Text Visual Studio Visual Studio Code VPN Windows Windows 8 Windows 10 Windows Server