Optionally provide private feedback to help us improve this article...

Thank you for your feedback!


Installing InstantForum in a standard child directory

If you're installing InstantForum on a shared hosting account you may not have the option to install InstantForum within a dedicated IIS web application. Your hosting company may only allow one IIS web application for the root of your web site.

This article only applies if your not able to install InstantForum within the root of a IIS web application / virtual directory also sometimes referred to as application starting point.

To install InstantForum in a standard child directory of a IIS web site or web application you'll need to follow the steps below.

Our Example

For this example our main web site is called "MyWebSite". We'll use InstantForum 2017 as a basis for this article however the process is very similar in earlier versions of InstantForum. This example consists of a single IIS web application with InstantForum installed in a standard child directory called "forums". You can see this within IIS below…

As you can see the "MyWebSite" folder is our IIS web application / web site root and InstantForum is installed in a standard child directory called "forums" - this is not a web application. The name of the child folder you choose to install InstantForum to is important as we'll need to add this into your main web sites web.config file.

1. Copy the InstantForum assemblies into your web site root "bin" directory

You'll need to copy all .NET assemblies used by InstantForum into your root /bin directory. We would suggest simply copying the InstantForum/Bin folder into your main web site. If your main web site already contains references to assemblies used by InstantForum such as "Microsoft.AspNet.Identity.Core.dll" we would suggest leaving your existing versions in place and only copying the assemblies from InstantForum that don't already exist in your main web site.

InstantASP_Licenses.config

Ensure you leave the "InstantASP_Licenses.config" file within the forums\bin folder.

2. Add the following entries into your main web sites web.config file...

<?xml version="1.0" encoding="utf-8"?>
<configuration>

<configSections>
<sectionGroup name="InstantASP.Common">
 <section name="plugIns" requirePermission="false" type="InstantASP.Common.Plugins.PluginConfigurationHandler" />
 <section name="providers" requirePermission="false" type="InstantASP.Common.Providers.ProviderConfigurationHandler" />
</sectionGroup>
<section name="ajaxControlToolkit" type="AjaxControlToolkit.AjaxControlToolkitConfigSection, AjaxControlToolkit" requirePermission="false" />
<sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
 <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
 <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
 <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
 <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
</sectionGroup>
</configSections>

<connectionStrings> 
<!-- IMPORTANT: The connection string for your InstantForum database -->
<add name="InstantASP_ConnectionString" connectionString="Server=localhost;trusted_connection=true;database=InstantForum2017;" />  
</connectionStrings>

<appSettings>
<!-- IMPORTANT: The name of the folder containing the InstantForum files -->
  <add key="InstantASP_VirtualPath" value="forums" />
</appSettings>


<!-- InstantASP Configuration-->
<InstantASP.Common>
<!-- providers allow developers to swap or extend functionality -->
<providers>
 <userIdentity defaultProvider="InstantASPIdentityProvider">
<providers>
 <add name="InstantASPIdentityProvider" type="InstantASP.InstantForum.Providers.UserIdentity.InstantASPUserIdentityProvider, InstantASP.InstantForum" />
 <add name="OwinIdentityProvider" type="InstantASP.InstantForum.Providers.UserIdentity.OwinUserIdentityProvider, InstantASP.InstantForum" />
</providers>
 </userIdentity>
 <fileSystem defaultProvider="LocalStorageProvider">
<providers>
 <add name="LocalStorageProvider" type="InstantASP.InstantForum.Providers.FileSystem.LocalStorageProvider, InstantASP.InstantForum" />
 <!-- You must configure the connString and containerName to take advantage of Azure Blob Storage -->
 <!-- IMPORTANT: Your container name must be all lower case. The container will be created automatically if it does not already exist. This will be created as a Public container so it's accessible to everyone. Once set you should not change your container name as this will cause broken links -->
 <add name="AzureBlobStorageProvider" type="InstantASP.InstantForum.Providers.FileSystem.AzureBlobStorageProvider, InstantASP.InstantForum" connString="DefaultEndpointsProtocol=https;AccountName={accountName};AccountKey={accountKey}" containerName="{container}" />
</providers>
 </fileSystem>
 <viewState defaultProvider="SqlViewStateProvider">
<providers>
 <add name="SqlViewStateProvider" type="InstantASP.Common.Providers.ViewState.SqlViewStateProvider, InstantASP.Common" />
</providers>
<clear />
 </viewState>
 <logging defaultProvider="FileLoggerProvider">
<providers>
 <add name="FileLoggerProvider" type="InstantASP.Common.Providers.Logging.FileLoggerProvider, InstantASP.Common" />
</providers>
 </logging>
 <caching defaultProvider="CacheProvider">
<providers>
 <add name="CacheProvider" type="InstantASP.Common.Providers.Cache.CacheProvider, InstantASP.Common" />
 <add name="SqlCacheDependencyProvider" type="InstantASP.Common.Providers.Cache.SqlCacheDependencyProvider, InstantASP.Common" databaseName="" />
</providers>
 </caching>
</providers>
<plugIns>
 <!-- Add optional InstantForum interface plug-ins here -->
 <!-- plug-ins can interact with the containing pages control collection and events -->
 <!-- YourNameSpace.YourClassName, YourAssemblyName  -->
 <!--
 <Plugin name="JoinPrompt" type="InstantForum.Plugins.JoinPrompt, InstantForum.Plugins.JoinPrompt"/>
 <Plugin name="CustomRegistration" type="InstantForum.Plugins.CustomRegistration, InstantForum.Plugins.CustomRegistration"/>
 <Plugin name="RecentActivity" type="InstantForum.Plugins.RecentActivity, InstantForum.Plugins.RecentActivity"/>
 <Plugin name="RecentMemberActivity" type="InstantForum.Plugins.RecentMemberActivity, InstantForum.Plugins.RecentMemberActivity"/>
 <Plugin name="TagCloud20" type="InstantForum.Plugins.TagCloud20, InstantForum.Plugins.TagCloud20"/>
 <Plugin name="WhosOnMap" type="InstantForum.Plugins.WhosOnMap, InstantForum.Plugins.WhosOnMap"/>
 -->
</plugIns>
</InstantASP.Common>

<system.web>
<sessionState mode="InProc" timeout="60" />
<authentication mode="Forms">
<forms name="InstantASP" requireSSL="false" cookieless="UseCookies" loginUrl="Logon.aspx" protection="All" slidingExpiration="true" path="/" />
</authentication>
</system.web>

<system.webServer>

<modules runAllManagedModulesForAllRequests="true">
      <remove name="Detector" />
      <add name="SecurityModule" preCondition="managedHandler" type="InstantASP.Common.HttpModule.SecurityModule, InstantASP.Common" />
      <add name="RewriterModule" preCondition="managedHandler" type="InstantASP.InstantForum.HttpModule.URLRewritterModule, InstantASP.InstantForum" />
      <add name="ExceptionModule" preCondition="managedHandler" type="InstantASP.Common.HttpModule.ExceptionModule, InstantASP.Common" />
    </modules>
</system.webServer>

<runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-9.0.0.0" newVersion="9.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.WindowsAzure.Storage" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-1.5.2.14234" newVersion="1.5.2.14234" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.Owin.Security.Cookies" publicKeyToken="31bf3856ad364e35" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-3.0.1.0" newVersion="3.0.1.0" />
      </dependentAssembly>
    </assemblyBinding>
    <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
    <legacyHMACWarning enabled="0" />
    <!-- When targeting ASP.NET MVC 3, this assemblyBinding makes MVC 1 and 2 references relink
         to MVC 3 so libraries such as DotNetOpenAuth that compile against MVC 1 will work with it.
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="1.0.0.0-3.0.0.0" newVersion="3.0.0.0" />
      </dependentAssembly>
    </assemblyBinding>
     -->
  </runtime>

</configuration>

Application Settings

You'll need to add the InstantASP_VirtualPath application setting as shown below. This should be the relative path to your InstantForum folder from the root of your webs site. For example we've installed InstantForum to a child folder called "forums" so we simply enter this name...

<add key="InstantASP_VirtualPath" value="forums"/>

This will ensure our HTTP modules are able to find the configuration & localization files.

IMPORTANT: You can leave the InstantForum web.config file within the "forums" standard child folder however you will need to remove each of the tags we've copied into your main web sites web.config file.

The forums/web.config file

You can see below the web.config file for our forums/web.config file after we've moved all tags into the root web.config file. You may need to update your InstantForum web.config to replicate the web.config shown below...

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 
  <!--- NOTE: We've removed the InstantASP_VirtualPath application setting -->
  <appSettings> 
    <!-- Method used to hash or encrypt passwords stored within the InstantASP_Users table-->
    <!-- We would suggest using one way hashing such as SHA256 or SHA256 -->
    <!-- Possible values include (TripleDES, MD5, SHA1, SHA256, SHA384, SHA512, AES -->
    <add key="InstantASP_CryptographyMethod" value="SHA512" />
    <!-- All password hashes are already salted using a cryptographically safe salt  -->
    <!-- This salt is stored within the database alongside the generated hash -->
    <!-- For an extra layer of security you can also define a private pepper here that will be -->
    <!-- combined with the salt before the password is hashed -->
    <!-- This pepper can be any valid Int32 including negative and positive numbers -->
    <!-- This setting will be ignored if you use 2 way encryption such as AES -->
    <!-- This setting should not be changed once your site is live and you have real users -->
    <!-- You should keep this setting safe - if this pepper changes passwords will no longer be valid-->
    <!-- IMPORTANT: You should only include this setting if your using a fresh InstantForum 2016-1 or above installation -->
    <!-- If your upgrading from an earlier version of InstantForum you will need to remove this pepper -->
    <!--or set to 0 to ensure upgraded existing users can continue to login --> 
    <add key="InstantASP_CryptographyHashPepper" value="1092317465" />
    <!-- Whilst we would not suggest 2 way encryption if you enable AES  -->
    <!-- we would strongly recommend you change the AES Key below -->
    <!-- This key should be kept strictly private and can be of any length -->
    <!-- These settings should not be changed once your site is live and you have real users -->
    <add key="InstantASP_CryptographyAESKey" value="cRf9X7fqY@vNcBdjRpx5lcD75CFmFdb68c9Fvjg4uSClvIo2yjHa9q" />
    <!-- If you enable AES encryption you must specify a 16 byte / 128 bit Cipher Block Chaining (CBC) initialization vector here - this can be public -->
    <add key="InstantASP_CryptographyAESVector" value="@1B2c3D4e5F6g7H8" />
    <!-- Virtual path to location of the XML based configuration file defining file and folder names -->
    <add key="InstantASP_PageData" value="Pages.config" />
    <!-- Interval in milliseconds to poll the InstantASP_Sessions table and remove any expired data -->
    <!-- Example 300000 milliseconds polls the InstantASP_Sessions table every 5 mins and removes expired session data -->
    <!-- The default value is to poll for expired data every 1 minute i.e. every 60000 milliseconds -->
    <add key="InstantASP_SessionCleanUpInterval" value="60000" />
    <!-- Interval in milliseconds to poll the InstantASP_Emails table and send any queued emails -->
    <!-- Example 300000 milliseconds polls the InstantASP_Emails table every 5 mins to send queued emails -->
    <!-- The default value is to poll for emails every 1 minutes i.e. every 60000 milliseconds -->
    <add key="InstantASP_EmailInterval" value="60000" />
    <!-- Determines which is method is used within the application to log any exceptions that may occur -->
    <!-- Possible event log options are: ToFile, ToEventLog Or ToEmail. To disable use None. -->
    <!-- If you choose ToFile exceptions will be written to Exceptions.config within the installation root -->
    <!-- If you choose ToEventLog you must ensure your application has permissions to write to the server event log -->
    <add key="InstantASP_ExceptionLogMethod" value="None" />
    <!-- Determines which email address is used to send exception notifications to if the above -->
    <!-- InstantASP_ExceptionLogMethod setting is set to ToEmail. -->
    <add key="InstantASP_ExceptionEmailAddress" value="you@company.com" />
    <!-- Period in seconds allowed for queries before they timeout, if your performing a large -->
    <!-- job such as deleting a forum containing thousands of posts and your receiving timeout -->
    <!-- exception errors this value may need to be increased to allow the query to complete -->
    <add key="InstantASP_CommandTimeout" value="240" />
    <!-- Interval in milliseconds to poll the built in tasks such as deleting temporary attachments, -->
    <!-- deleting search results and deleting read forum and topic information, the custom scheduled tasks -->
    <!-- within the InstantASP_ScheduledTasks table are also polled at this interval -->
    <add key="InstantASP_TaskInterval" value="75000" />
    <!-- Determines if roles are stored in the forms authentication ticket. If enabled (True) you can perform checks -->
    <!-- against the current users role using System.Web.HttpContext.Current.User.IsInRole("Forum Members") -->
    <!-- when enabled (True) this also ensures support for web.config authorization tags, i.e. you may wish to restrict access to -->
    <!-- an entire directory based on the users current roles using the <Authorization> tags within the web.config -->
    <!-- we provide the option to disable storing user roles in the forms authentication ticket as this can create problems -->
    <!-- if you have lots of roles associated with a user, cookies can only store a limited number of characters and if -->
    <!-- the role list bound to the user exceeds the length of characters allowed in the cookie the user cannot login -->
    <!-- if you have lots of roles associated with users and they are reporting any login issues try turning this setting to false -->
    <!-- unfortunately this is a limitation of forms authentication within .NET v1.1, .NET v2.0 addresses this issue -->
    <!-- with role caching by separating roles into separate cookies and we'll be moving towards this with later releases -->
    <add key="InstantASP_StoreRolesInFormsAuthenticationTicket" value="True" />
    <!-- If you install InstantForum.NET within a sub-folder of a IIS web application you will -->
    <!-- need to provide the full virtual path from the root of your web application to the -->
    <!-- forum installation below, For example if you install the forum to a web application -->
    <!-- located at c:\test\ but you wanted to add the forum to c:\test\forums\myforum\-->
    <!-- you would modify the setting below to read "forums/myforum" This indicates the -->
    <!-- virtual path from the web application root, if you don't install the forum to the -->
    <!-- root of a web application please ensure you move the bin directory and this web.config  -->
    <!-- to your web applications root directory, typically you can leave this blank, it is only -->
    <!-- required if you don't install InstantForum.NET within the root of a IIS web application -->    
    <!-- If your SMTP Server requires a SSL connection change this setting to "True" -->
    <add key="InstantASP_EnableSSLForSMTPServer" value="false" />
    <!-- set to "true" to help debug any email problems -->
    <add key="InstantASP_EnableSMTPDebug" value="false" />
    <!-- If "true" emails will not be queued and will be sent immediately -->
    <add key="InstantASP_AutoFlushMailQueue" value="false" />
    <!-- can be used to ensure all uploads are stored in a central share -->
    <!-- you can use a UNC network share as in \\<servername>\<foldername>\ -->
    <!-- or you can use a physical path such as c:\shared\ - this is for load balanced -->
    <!-- environments where you need a central file store for all uploaded files -->
    <add key="InstantASP_UploadPath" value="" />
    <!-- if debug mode is set to true and core.js or core.css don't exist -->
    <!-- scripts will be bundled and minified into the respective resource -->
    <add key="InstantASP_DebugMode" value="true" />
    <!-- Required for .NET 4.5 -->
    <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
  </appSettings>
 
  <ajaxControlToolkit renderStyleLinks="false" />
  <!-- /InstantASP Configuration-->
  <system.web.extensions>
    <scripting>
      <webServices>
        <jsonSerialization maxJsonLength="2147483647" />
      </webServices>
    </scripting>
  </system.web.extensions>
  <!--
    For a description of web.config changes see http://go.microsoft.com/fwlink/?LinkId=235367.

    The following attributes can be set on the <httpRuntime> tag.
      <system.Web>
        <httpRuntime targetFramework="4.5" />
      </system.Web>
  -->
  <system.web>
    <!--
    Globalization & encoding options
    <globalization
           fileEncoding="utf-8"
           requestEncoding="utf-8"
           responseEncoding="utf-8"
           culture="en-US"
           uiCulture="de-DE"
        />
    -->
    <webServices>
      <protocols>
        <add name="HttpGet" />
        <add name="HttpPost" />
      </protocols>
    </webServices>
    <!-- these settings are required only if you have the SqlCacheDependencyProvider enabled -->

   
    <httpHandlers>
      <!-- InstantASP Handlers -->
      <add verb="GET,HEAD,POST" type="InstantASP.Common.HttpHandlers.SpellHandler" path="spell.ashx" />
      <add verb="GET,HEAD" type="InstantASP.Common.HttpHandlers.ScriptBundler" path="v_*.js" />
      <add verb="GET,HEAD" type="InstantASP.Common.HttpHandlers.ScriptBundler" path="v_*.css" />
      <!-- /InstantASP Handlers -->
    </httpHandlers>
    <!-- Required HttpModules -->
    <!-- These must be included in your web.config for the application to function correctly. -->
    <httpModules>
      <!-- ASP.NET Ajax HttpModule -->
      <!-- ASP.NET Ajax HttpModule -->
      <!-- HttpModule used to manage user authentication -->
      <add type="InstantASP.Common.HttpModule.SecurityModule, InstantASP.Common" name="SecurityModule" />
      <!-- HttpModule used to monitor and handle any application exceptions -->
      <add type="InstantASP.Common.HttpModule.ExceptionModule, InstantASP.Common" name="ExceptionModule" />
      <!-- HttpModule used to perform dynamic URL rewriting -->
      <add type="InstantASP.InstantForum.HttpModule.URLRewritterModule, InstantASP.InstantForum" name="RewriterModule" />
      <!-- HttpModule used to manage general tasks within all InstantASP applications
      <add type="InstantASP.Common.HttpModule.ServiceModule, InstantASP.Common" name="ServiceModule"/>
      HttpModule used to manage application generated emails 
      <add type="InstantASP.Common.HttpModule.EmailModule, InstantASP.Common" name="EmailModule"/>      
      HttpModule used to manage scheduled tasks specific to InstantForum 
      <add type="InstantASP.InstantForum.HttpModule.ForumModule, InstantASP.InstantForum" name="ForumModule"/>
      -->
    </httpModules>
    <!-- 
        Set compilation debug="true" to insert debugging 
        symbols into the compiled page. Because this 
        affects performance, set this value to true only 
        during development.
    -->    
    <compilation debug="true" targetFramework="4.5">
      <assemblies>
        <add assembly="System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
        <add assembly="System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
      </assemblies>
    </compilation>
    <!-- if your using the InstantASP_UploadPath application setting to save files to a central UNC sahre -->
    <!-- you may need to uncomment the line below and ensure your using the correct user with permissions to save files on this share -->
    <!-- the username and password should be the same as the account you specify on the file server -->
    <identity impersonate="false" userName="" password="" />
    <!-- When uploading a file to the web server, we have a limit of 4MB by default with asp.net. -->
    <!-- The value is set in the key, maxRequestLength below in kilobytes. -->
    <!-- Increase this value to allow larger file uploads -->
    <!-- This value should be increased to allow larger uploads when adding attachments to posts. -->
    <!-- The default setting for this key is 30MB. -->
    <httpRuntime targetFramework="4.0" requestValidationMode="2.0" requestPathInvalidCharacters="&lt;,&gt;,*,%,&amp;,\,?" maxRequestLength="30720" />
    <!-- Encryption keys for forms authentication cookies. This ensures they remain consistent
    between multiple servers or multiple web applications, if you authenticate a forum user within
    a parent web application using the InstantASP API you should uncomment this element and ensure
    this also exists within the parent web applications web.config file, also useful if you have
    problems maintaining view state across a web cluster 
    <machineKey validationKey="BD52058A3DEA433EA99F29418689528A494DF2B00054BB7C" 
    decryptionKey="684FC9301F404DE1B9565E7D943005579E823307BED44885"/> -->
    <!-- Buffer should ideally be set to true, If disabled the worker process needs to continuosly -->
    <!-- stream responses from all concurrent requests which can be a significant overhead -->
    <!-- remove the validaterequest attribute if your running .NET framework 1.0 to disable request validation -->
    <!-- enableViewStateMac should be set to "true" for security reasons http://msdn.microsoft.com/en-us/magazine/ff797918.aspx -->
    <pages buffer="true" viewStateEncryptionMode="Always" enableViewStateMac="true" validateRequest="false" clientIDMode="AutoID">
      <controls>
        <add tagPrefix="AjaxControlToolkit" namespace="AjaxControlToolkit" assembly="AjaxControlToolkit" />
      </controls>
    </pages>
    <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.
    -->
    <customErrors mode="RemoteOnly" defaultRedirect="ErrorPage.aspx">
      <error statusCode="403" redirect="ErrorPage.aspx" />
      <error statusCode="404" redirect="ErrorPage.aspx" />
      <error statusCode="500" redirect="ErrorPage.aspx" />
    </customErrors>
    <xhtmlConformance mode="Strict" />
  </system.web>
  <location path="skins">
    <system.webServer>
      <caching>
        <profiles>
          <add varyByQueryString="*" location="Any" duration="00:00:01" policy="CacheForTimePeriod" extension=".js" />
        </profiles>
      </caching>
    </system.webServer>
  </location>
  <location path="js">
    <system.webServer>
      <caching>
        <profiles>
          <add varyByQueryString="*" location="Any" duration="00:00:01" policy="CacheForTimePeriod" extension=".js" />
        </profiles>
      </caching>
    </system.webServer>
  </location>
  <location path="images">
    <system.webServer>
      <caching>
        <profiles>
          <add varyByQueryString="*" location="Any" duration="00:00:01" policy="CacheForTimePeriod" extension=".js" />
        </profiles>
      </caching>
    </system.webServer>
  </location>
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <remove name="X-Powered-By" />
      </customHeaders>
    </httpProtocol>
    <!-- Helpful for debugging in Integrated Application Pools   -->
    <httpErrors errorMode="Detailed" />
    <staticContent>
      <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="365.00:00:00" />
    </staticContent>
    <httpCompression directory="%SystemDrive%\inetpub\temp\IIS Temporary Compressed Files">
      <scheme name="gzip" dll="%Windir%\system32\inetsrv\gzip.dll" staticCompressionLevel="9" />
      <dynamicTypes>
        <add mimeType="text/*" enabled="true" />
        <add mimeType="message/*" enabled="true" />
        <add mimeType="application/javascript" enabled="true" />
        <add mimeType="application/x-javascript" enabled="true" />
        <add mimeType="application/x-javascript; charset=utf-8" enabled="true" />
        <add mimeType="application/json" enabled="true" />
        <add mimeType="application/json; charset=utf-8" enabled="true" />
        <add mimeType="*/*" enabled="false" />
      </dynamicTypes>
      <staticTypes>
        <add mimeType="text/*" enabled="true" />
        <add mimeType="message/*" enabled="true" />
        <add mimeType="application/javascript" enabled="true" />
        <add mimeType="application/x-javascript" enabled="true" />
        <add mimeType="application/x-javascript; charset=utf-8" enabled="true" />
        <add mimeType="application/atom+xml" enabled="true" />
        <add mimeType="application/xaml+xml" enabled="true" />
        <add mimeType="application/json" enabled="true" />
        <add mimeType="application/json; charset=utf-8" enabled="true" />
        <add mimeType="*/*" enabled="false" />
      </staticTypes>
    </httpCompression>
    <urlCompression doStaticCompression="true" doDynamicCompression="true" />
    <validation validateIntegratedModeConfiguration="false" />
   
    <handlers>
      <add name="WildCard For Forum" path="*" verb="*" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" resourceType="Unspecified" requireAccess="None" preCondition="classicMode,runtimeVersionv4.0,bitness32" />
      <add name="SpellChecker" verb="GET,HEAD,POST" type="InstantASP.Common.HttpHandlers.SpellHandler" path="spell.ashx" preCondition="integratedMode" />
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <remove name="OPTIONSVerbHandler" />
      <remove name="TRACEVerbHandler" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
    <defaultDocument>
      <files>
        <clear />
        <add value="default.aspx" />
        <add value="Default.htm" />
        <add value="Default.asp" />
        <add value="index.htm" />
        <add value="index.html" />
        <add value="iisstart.htm" />
      </files>
    </defaultDocument>
  </system.webServer>

  <dotNetOpenAuth>
    <messaging>
      <untrustedWebRequest>
        <whitelistHosts>
          <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
          <!--<add name="localhost" />-->
        </whitelistHosts>
      </untrustedWebRequest>
    </messaging>
    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
    <reporting enabled="true" />
    <!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
    <!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
    <openid>
      <relyingParty>
        <security requireSsl="false">
          <!-- Uncomment the trustedProviders tag if your relying party should only accept positive assertions from a closed set of OpenID Providers. -->
          <!--<trustedProviders rejectAssertionsFromUntrustedProviders="true">
            <add endpoint="https://www.google.com/accounts/o8/ud" />
          </trustedProviders>-->
        </security>
        <behaviors>
          <!-- The following OPTIONAL behavior allows RPs to use SREG only, but be compatible
               with OPs that use Attribute Exchange (in various formats). -->
          <add type="DotNetOpenAuth.OpenId.RelyingParty.Behaviors.AXFetchAsSregTransform, DotNetOpenAuth.OpenId.RelyingParty" />
        </behaviors>
      </relyingParty>
    </openid>
  </dotNetOpenAuth>
  <uri>
    <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
         which is necessary for OpenID urls with unicode characters in the domain/host name.
         It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
    <idn enabled="All" />
    <iriParsing enabled="true" />
  </uri>
</configuration>

You can optionally add the InstantForum database connection string to your web sites web.config file.This is only needed if you wish to references our assemblies from your website code and use our .NET API to query data from your own web application.

<connectionStrings>
<add name="InstantASP_ConnectionString" connectionString="server=localhost;trusted_connection=true; database=InstantForum;" />
</connectionStrings>

HttpModules

You'll need to add the following HTTP Modules to your root web sites web.config file. This should be placed inside the <System.Web> element.

<httpModules>
<add type="InstantASP.Common.HttpModule.SecurityModule, InstantASP.Common" name="SecurityModule"/>
<add type="InstantASP.Common.HttpModule.ServiceModule, InstantASP.Common" name="ServiceModule"/>
<add type="InstantASP.Common.HttpModule.EmailModule, InstantASP.Common" name="EmailModule"/>
<add type="InstantASP.Common.HttpModule.ExceptionModule, InstantASP.Common" name="ExceptionModule"/>
<add type="InstantASP.InstantForum.HttpModule.URLRewritterModule, InstantASP.InstantForum" name="RewriterModule"/>
<add type="InstantASP.InstantForum.HttpModule.ForumModule, InstantASP.InstantForum" name="ForumModule"/>
</httpModules>

Or if your using IIs 7 "Integrated" application pools you'll need to add the same HTTP modules to your <System.WebServer> element as shown below…

<modules>
<add name="SecurityModule" preCondition="managedHandler" type="InstantASP.Common.HttpModule.SecurityModule, InstantASP.Common"/>
<add name="ServiceModule" preCondition="managedHandler" type="InstantASP.Common.HttpModule.ServiceModule, InstantASP.Common"/>
<add name="EmailModule" preCondition="managedHandler" type="InstantASP.Common.HttpModule.EmailModule, InstantASP.Common"/>
<add name="RewriterModule" preCondition="managedHandler" type="InstantASP.InstantForum.HttpModule.URLRewritterModule, InstantASP.InstantForum"/>
<add name="ForumModule" preCondition="managedHandler" type="InstantASP.InstantForum.HttpModule.ForumModule, InstantASP.InstantForum"/>
</modules>

3. Ensure you only have 1 <authentication> element in your root web.config

You may need to remove the following tag from the forum web.config file if the forum is installed in a standard child folder.

<authentication mode="Forms">
<forms name="InstantASP" cookieless="UseUri" loginUrl="Logon.aspx" protection="All" slidingExpiration="true" path="/" />
</authentication>

You should ensure this tag is present in your root web.config. InstantForum requires forms authentication to be enabled.

4. Copy InstantForum Start-Up Script into your main web site

From within your InstantForum folder you will need to move the following files into the root of your web site or in this example the root of our MyWebSite folder.

  • Move the App_Code from within InstantForum into your main web site folder.
  • Move the Global.asax and Global.asax.cs into your main web site folder

So your main web site root directory would look like so...

Again you would move or cut the App_Code folder and Global.asax and Global.asax.cs files from within the InstantForum folder into the root of your main web site. The App_Code folder and Global.asax need to exist at the root of your IIS web application which in this example is our MyWebSite folder.

Download

To help demonstrate this we've enclosed a sample download below. This download only contains the files you would need to modify and does not contain a full InstantForum download.

That's It!

I hope this information has been helpful. As always if you have any questions please don't hesitate to contact us.

Attachments


MyWebSite.zip 12.00 KB, 79 views