I have an MVC 5 app, developed under .NET 4.6 and MVC 5.2.3 that works 100% when I debug it in Chrome and Edge on my machine. When I deploy to shared hosting at my ISP, it gives the following error on every request after the very first one, which succeeds and shows the login page.
403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied.
Then if I clear a cookie called
.AspNet.ApplicationCookie
from Chrome, then the next request succeeds, but the cookie is back and all subsequent requests fail in the same manner.
I am not using application state in any of my own code, and the only packages I have added to those that come with the standard VS2015 project template are:
AutoMapper
elmah.corelibrary
Elmah.Mvc
Unity
Unity.Mvc5
If I've done this correctly, when I check for cookies in Edge, there no such cookie, only the
__RequestVerificationToken
, which plays no role (outside the scope of this question) in Chrome.
What I have tried:
Logged a support call with the ISP, but 36 hours later still no response.