HomeRelated InformationIIS reports a 404 error: "The request filtering module is configured to reject requests containing double escape sequences."
Software Tutorial Related Information
IIS reports a 404 error: "The request filtering module is configured to reject requests containing double escape sequences."
Table of Contents

Error reason

  • Double escape sequences refer to situations where certain characters are escaped multiple times during string encoding. In URL encoding, special characters are typically escaped to ensure they are correctly transmitted and parsed by the server. For example, a space is escaped as "%20", and the plus sign (+) is usually not escaped because it represents a space in a URL. However, a double escape sequence occurs if the server mistakenly escapes a character that has already been escaped.

  • The server reports that its request filtering module is configured to reject requests containing double-escaped sequences. This could mean the server considers a plus sign in the URL to have been escaped twice—that is, escaped as %2B and then as %252B—which is considered incorrect. The server may reject such requests because it could lead to parsing errors or security issues.

Solution

Avoid escaping

  • The key to solving this problem is to ensure that the server correctly interprets special characters in the URL and avoids unnecessary escaping.

configuration file

Revise applicationHost.config File configuration: Please back up the file before making any changes, just in case.

Open IIS configuration file

  • You can do it by %SystemDrive%\Windows\System32\inetsrv\config Locate the corresponding site configuration file in the folder; it is usually named [filename]. \applicationHost.configThen open it using a text editor (such as Notepad).

Find URLScan settings

  • Search in the configuration file <requestFiltering> Partially. In IIS 7, by default, the URLScan module may block URL requests containing a plus sign.

Add a setting to allow plus signs

  • exist <requestFiltering> In this section, you can add a <allowDoubleEscaping> Element, set its value to trueThis allows plus signs in URLs. Example:
<security> <requestFiltering allowDoubleEscaping="true"></requestFiltering> </security>

Save and close the file

  • Make sure to save your changes and close the configuration file.

Restart IIS service

  • To ensure the changes take effect, restart the IIS service.

Download the whole site Software Tutorial Related Information Buy Login Services Tutorial Documentation Contact Us Full site translation
Software Applications: Front-end template download; development and design; SEO optimization; offline web browsing. Note: This software is not a hacking program and cannot download backend data!
Disclaimer: This service is for personal study, research, or enjoyment purposes only, and is for non-commercial, non-profit use. Users must comply with copyright laws and related regulations and must not infringe upon the legitimate rights and interests of this website and related rights holders. Any risks arising from the use of this tool are the sole responsibility of the user and are not the responsibility of the software itself.
Copyright © 2019-2026 Xiaofeitu Software. All Rights Reserved. Guangdong ICP Registration No. 19111427-2
Tutorial User Manual Website Special