Thursday 18 February 2010

IIS7 doesn't like +'s in your URL's

So today I've been trying to sort out my apt mirror for Ubuntu having just moved it to a Windows server. The netinstall would start fine then keep saying there was a problem with certain packages and I couldn't work out why.

After a bit of detective work I realised that it's IIS having issues with the + signs in the package names. A bit more detective work and I found this workaround:

Request limits and URL processing

The following changes result due to additional restrictions on how IIS processes incoming requests and their URLs.

11) Request URLs containing unencoded “+” characters in the path (not querystring) are rejected by default

You will receive HTTP Error 404.11 – Not Found: The request filtering module is configured to deny a request that contains a double escape sequence.

This error occurs because IIS is by default configured to reject attempts to doubly-encode a URL, which commonly represent an attempt to execute a canonicalization attack.

Workaround:

1) Applications that require the use of the “+” character in the URL path can disable this validation by setting the allowDoubleEscaping attribute in the system.webServer/security/requestFiltering configuration section in the application’s web.config. However, this may make your application more vulnerable to malicious URLs:

As it says, I wouldn't use this for an externally facing site as it can make it less secure, but mine is for internal use only.
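
A web.config along these lines applies the workaround while keeping the default check everywhere except the mirror. This is an added example, not the snippet from the quoted documentation; the folder name "ubuntu" is an assumption standing in for wherever the mirror lives under the site.

```xml
<?xml version="1.0" encoding="utf-8"?>
<configuration>

  <!-- Site-wide: keep the IIS default, so double-escaped URLs
       are still rejected with 404.11 -->
  <system.webServer>
    <security>
      <requestFiltering allowDoubleEscaping="false" />
    </security>
  </system.webServer>

  <!-- "ubuntu" is a hypothetical folder name for the apt mirror.
       Only requests under this path may contain "+" in the URL path,
       e.g. package files with "+" in their names. -->
  <location path="ubuntu">
    <system.webServer>
      <security>
        <requestFiltering allowDoubleEscaping="true" />
      </security>
    </system.webServer>
  </location>

</configuration>
```

Scoping the relaxed setting with a location element means anything else served by the same site still gets the double-escape validation.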
