Why I am not able Turn Off CustomErrors?

This week I got an interesting issue altogether. One of my customers was unable to turn off the CustomErrors at all. We checked all the web.config files in hierarchy including the web.config and machine.config in C:\WINNT\Microsoft.NET\Framework\v2.0.50727\CONFIG. All files had an entry <customErrors mode="Off"/>, purposefully added to avoid this behavior. But we were still getting below message whenever any exception comes up –

Server Error in '/Test' Application.

--------------------------------------------------------------------------------

Runtime Error

Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed.

Details: To enable the details of this specific error message to be viewable on the local server machine, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "RemoteOnly". To enable the details to be viewable on remote machines, please set "mode" to "Off".

<!-- Web.Config Configuration File -->

<configuration>

    <system.web>

        <customErrors mode="RemoteOnly"/>

    </system.web>

</configuration>

Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.

<!-- Web.Config Configuration File -->

<configuration>

    <system.web>

        <customErrors mode="On" defaultRedirect="mycustompage.htm"/>

    </system.web>

</configuration>

This message was common while browsing the application on both client and server. So one thing was for sure that some setting in some config file is turning on the CustomErrors with mode = “on”.

Now customer wanted to see the exception which was coming up. Though ASP.NET 2.0 by default logs it in the event logs, it is not possible for all of the developers to log onto the server and check the event logs.

So while troubleshooting this issue we found the machine.config on the server is bigger than usual size (19KB).

So when I checked the machine.config file, we found it was having <deployment retail="true"/> added in it. This entry reminded me of Praveen’s Blog entry around debugging issue when retail is set to true. We removed it and we were spot on.

The use of the <deployment retail="true"/> switch in the machine.config file turns off the ability to show detailed ASP.NET error messages both to remote clients and locally. So effectively it acts as <customErrors mode="On"/> is set.

This deployment retail switch should still be your primary method of turning off these error messages (detailed errors on browsers) if you are running ASP.NET 2.0. (To get detailed information regarding ASP.NET exceptions, use the Application Event Log.)

The only resolution for this to remove the <deployment retail="true"/> switch by either commenting it out or setting retail= false.

Alternatively you can show the custom error pages itself as the messages suggest.

For more information on Retail member check https://msdn2.microsoft.com/en-us/library/system.web.configuration.deploymentsection.retail(VS.80).aspx.

I hope this help!