Error : This configuration section cannot be used at this path. This happens when the section is locked at a parent level......?

When I uploaded the new website on Amazon EC2 server using IIS, I got HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid here are the more error details were

This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".

Config Source:
   33:     <urlCompression doDynamicCompression="true" doStaticCompression="true" dynamicCompressionBeforeCache="true" />
   34:     <modules>
   35:       <remove name="FormsAuthentication" />

Here is the image of the error

HTTP Error 500.19 - Internal Server Error

How can I resolve this issue?


Asked by:- neena
: 10749 At:- 10/2/2017 12:15:32 PM
IIS web-config amazon-ec2

3 Answers
profileImage Answered by:- manish

If you are on Windows(7,8, or 10), you can use these steps to resolve the above issue

  • Click "Start button"
  • in the search box, enter "Turn windows features on or off"
  • in the features window, Click: "Internet Information Services"
  • Click: "World Wide Web Services"
  • Click: "Application Development Features"
  • Check (enable) the features. I checked all but CGI.

In Windows Server

But as you have mentioned in your description about Amazon-EC2 Server IIS, You could also use the IIS Manager to edit those settings, and solve it using the Feature Delegation from the root of IIS:

  1. Open IIS Manager (Start, Run, type inetmgr.exe) and click the connection to the local server in the tree view on the left side. Scroll down the feature list, find Feature Delegation, and double-click to open.IIS-Server-ISSUE-Amazon-EC2
  2. The Feature Delegation page shows all the features and their default delegation state for all sites ("features" means all the items that appear in the home page feature list). Try Grouping by Delegation.
  3. Click a feature to see the delegation options in the task pane on the right.You can then control each of machine-level read/write permissions, which will otherwise give you the overrideMode="Deny" errors

Read complete article about it here

Any of the above solutions should work, depending on which looks easier to you, you can proceed with it.


You can also Run these 2 commands in Administrator Mode

%windir%/system32/inetsrv/appcmd unlock config /section:anonymousAuthentication

%windir%/system32/inetsrv/appcmd unlock config /section:windowsAuthentication


At:- 10/3/2017 3:39:29 PM Updated at:- 10/5/2022 6:52:27 AM

profileImage Answered by:- jaya

Go to IIS Manager. Select the Server and then Feature Delegation (in IIS 7.5 under Management Section). Go to Authentication Windows and set it as Read/Write.


Or You can follow these steps to resolve it

Browse to “C:\Windows\System32\inetsrv\config” (you will need administrator rights here) Open applicationHost.config

Note: In IISExpress and Visual Studio 2015 the applicationHost.config is stored in $(solutionDir).vs\config\applicationhost.config

Find the section that showed up in the “config source” part of the error message page. For me this has typically been “modules” or “handlers”

Change the overrideModeDefault attribute to be “Allow”

So the whole line now looks like:

<section name="modules" allowDefinition="MachineToApplication" overrideModeDefault="Allow" />

After saving the file, the page loaded up fine in my browser.

Warning: Editing applicationHost.config on 64-bit Windows


At:- 10/4/2017 11:33:48 AM Updated at:- 10/4/2017 11:35:16 AM

profileImage Answered by:- vikas_jk

You can also try to follow these steps on Windows Server

  • Open IIS Manager
  • Click the server name in the tree on the left
  • Right hand pane, Management section, double click Configuration Editor
  • At the top, choose the section system.webServer -> security -> authentication -> anonymousAuthentication
  • Right hand pane, click Unlock Section
  • At the top, choose the section system.webServer -> security -> authentication -> windowsAuthentication
  • Right hand pane, click Unlock Section

That should work

At:- 5/4/2022 12:14:27 PM

Login/Register to answer
Register directly by posting answer/details

Full Name *

Email *

By posting your answer you agree on privacy policy & terms of use