IIS Tutorial

To deliver Web content over the Internet, we can easily develop various web applications and services. But, the efficient accessibility of web content needs a scalable web server that can handle the user requests. Internet Information Services (IIS) helps us in achieving this. It is a web server that manages, hosts, and deploys the applications to make them accessible to real-time users. In this tutorial, we will learn everything about IIS, from the basics to its configuration steps so that we can easily use it to host our application. 

Table of Contents 

• Overview
• Why IIS?
• Available Versions of IIS
• IIS Express and IIS
• IIS Architecture and Components
• Windows Process Activation Service
• What are Modules in IIS?
• How does IIS handle requests?
• Setting up the IIS Server
• Working with IIS Server
• How to Add Website in IIS Server?
• Frequently Asked Questions 

Overview

The Internet Information Services (IIS) is a Web Server for managing and hosting our web applications and services using protocols such as HTTP, HTTPS, FTP, and many more along with Security features such as TLS and SSL. It allows the users to configure the servers for hosting web applications based on technologies like ASP.NET, classic ASP, and PHP. In addition to this, we can also utilize the logging and monitoring feature to analyze the server performance. 

In other words, the IIS Web Server is just like a normal server that is a medium of communication between the client and the application. It processes the request coming from the client and serves them with the response based on the services or application. In this way, the application we develop is used by users through the IIS Server. Now, a question may arise in your mind, what are the features that differentiate the IIS Web Server? Let us look into them.

Explore in-depth insights on key IIS projects for hands-on practice and receive expert guidance to address your queries during our ." IIS Training"  sessions led by our skilled trainers.

Why IIS?

Following are the features of the IIS Web Server due to which it is a popular choice among developers. 

• IIS has a simple configuration: The configuration of the IIS Web Server is based on the well-structured XML format that is simple to read and understand. The configuration logs are stored in the same directory in which the application content resides. Thus, the configuration information can easily move along with the site, from machine to machine. 
• We can use Microsoft Web Tools: IIS provides Microsoft Web Deployment Tool for synchronization of web content and configuration, managing the dependencies such as GAC assemblies, SQL databases, SSL certificates, etc. 
• HSTS Protocol Enhances Security: Using the HTTP Strict Transport Security (HSTS) Protocol, the website can declare itself a secure host and inform the browsers to make requests only through the HTTP connections. Thus, various cyber risks are reduced. 
• We can centrally Manage the websites: We can share the IIS configuration through the Central Web Farm so that the configuration and updates can be automatically applied to all the connected servers.
• IIS has a scalable architecture: IIS has a component called Load Balancing and Application Request Routing (ARR) that can easily identify the best content server using the HTTP response header, server variables, and Load Balancing Algorithms. Thus, a large number of user requests can be easily handled. 
• Dynamic Caching improves the site speed: IIS allows the administrators of the site to statically or dynamically cache the web content in the memory. This reduces the step of generating the dynamic content through script execution. Hence, website performance increases in terms of speed. 
• We can diagonalize the server issues: The server errors and issues are visible as the actionable error messages. Thus, troubleshooting is simplified in the IIS Webserver. Along with this, Automatic Failed Request Tracing helps identify the pre-configured failure condition.

Available Versions of IIS

The very first version of IIS was the IIS 6 which introduced support for IPv6 and after that, IIS 7, IIS 7.5, IIS 8, IIS 8.5, and IIS 10.0 came with some additional features. But, the latest version of IIS Webserver is IIS 10.0 Version 1809 which is available as a role-based feature in the Windows 10 October 2018 Update and Windows Server 2019. 

This latest has several new features such as the New binding flags, new compression APIs, and UI for HTTPS Strict Transport Security. Previous to this, the IIS 10.0 version 1709 introduced the features such as the HSTS protocol, Logging Enhancements new server variables for the Cryptographic Protocol, the Cipher algorithm, the Key Exchange Algorithm, and the Message Authentication Algorithm. 

IIS Express and IIS

While learning about the IIS Webserver, you might get confused between the IIS Express and IIS. Let us quickly look at them so that there will not be any conflicts while working with the IIS Webserver.  Both are Webservers but there is a significant difference between them.

IIS Express is a self-contained version of IIS that is mainly used by developers. The worker processes management in both the IIS Express and IIS are also different. In IIS, the Windows Process Activation Service (WAS) is responsible for activating and deactivating the web application. Hence, the user has no direct control. But, in IIS Express, the user has full control over the application activation and deactivation. So, the correct choice between the IIS Express and IIS depends on your specific requirements for application management and deployment.

Related Article: How to Install IIS

IIS Architecture and Components

Before getting started with IIS Webserver, it is very important to understand the architecture of this server. This will help us to easily configure it for managing our application. In simple terms, IIS has a request-processing architecture that has the Windows Process Activation Service (WAS) for protocol management, a Web server engine for request processing, and Integrated request-processing pipelines from IIS and ASP.NET. 

Now, let us have a thorough understanding of all the components of IIS. Its architecture has the following components that individually contribute to our server management. 

Protocol Listeners 

Whenever a user sends a request to a server, these requests have to be listened to by the server so that it can process them and generate the response. Therefore, these components are responsible for listening to the protocol-specific requests and sending them to the IIS Server for processing and transferring the responses to the requestors. 

For example, HTTP.sys is the default protocol listener for HTTP and HTTPS requests with the support of Secure Sockets Layer (SSL).  HTTP Listener was introduced in IIS 6 and it is still supported in the new versions. 

WWW Publishing Services

These services take care of the HTTP Administration and Configuration,  Performance Monitoring, and Process Management. It works as a Listener Adapter for HTTP Listener and reads the configuration information in the IIS metabase. It uses this information to configure and update HTTP Listeners. Also, it performs the tasks of starting, stopping, monitors and managing worker processes.

Windows Process Activation Service (WAS)

This component manages the application pool configuration and worker processes. During the startup, WAS reads the Global configuration, Protocol, Application pool, Site configuration, and Application configuration from the ApplicationHost.config file and passes it to Listener Adapters on the server. 

If we change the ApplicationHost.config file, WAS receives a notification and updates the Listener Adapters with the new information. An important point about the WAS Component is that it is independent and can run without the WWW Service.

Application Pool 

It often happens that multiple applications are running on the server due to which one website can affect another website. To prevent this, Application Pools separate those applications by process boundaries. Each Application Pool runs a separate worker process and uses the worker process isolation mode for this purpose. It has an Integrated as well as Classic Application Pool Mode to handle the requests that involve managed resources.

The components discussed above are represented in the diagram as shown below.

What are Modules in IIS?

In the new architecture of IIS, we can add or remove components instead of keeping the functionality within the servers. These components are called Modules. Hence, Modules are the individual features that are used by the server to process the request. We can easily control the Modules and customize the server as per the specific role. Not only this, we can also use custom modules to replace existing modules to enable the new features. 

IIS provides various Native modules such as HTTP, Security, Content, Compression, Caching, Logging, and Diagnostic Modules. Also, it has Managed Modules which are the managed code modules to extend the IIS functionality.

How does IIS handle requests?

The IIS Architecture includes the native and managed modules to perform the processing of the response. It simplifies the administration of sites and applications. Let us now understand the entire request processing in IIS through a step-by-step approach. Suppose an application is accessed by a client machine through the IIS Server, then the request processing is stated below. 

• Request initiation: The Client initiates an HTTP request which is listened to by the HTTP.sys protocol listener listens to it.
• Request for Configuration Information: HTTP.sys communicates to Windows Process Activation Service(WAS) to obtain the configuration information. 
• Obtaining Configuration Information: WAS initiates a request to the configuration store and obtains the configuration information from applicationHost.config.  
• Receiving Configuration Information: The World Wide Web (WWW) Service receives the configuration information that may include the Application Pool and site configuration. 
• Using the Configuration Information: WWW configures the HTTP.sys using the configuration information. 
• Processing the request: Then, WAS starts a worker process for the corresponding Application Pool to which the request was made. 
• Generating the Response: The processing Worker Process handles the request, processes it, and generates a response to HTTP.sys.
• Receiving the Response: Finally, the Client Machine receives the response. 

After learning about the architecture and Request Processing, it is now time to set up the IIS Webserver on our Windows System so that we can practically implement these concepts.

Setting up the IIS Server

Step 1: Type ‘Turn Windows Feature on or off’ in the search bar and open its console as shown below.

Step 2: In the feature list, select ‘Internet Information Services’ and enable the required features as illustrated below. Then, click the ‘OK’ button to continue.

Step 3: Close the pop after the IIS feature has been enabled.

Step 4: Type ‘IIS’ on the search bar and open the IIS Manager as shown below.

Step 5: The console of IIS Manager pops up as depicted below.

Working with IIS Server

We have successfully enabled the IIS Server on our Windows System. Now, we will learn how to use the IIS Server to manage our application. However, it is important to get an overview of some components for the sake of a better understanding of the IIS Server. 

Concept of Ports

Ports refer to the numerical endpoints that are identified by the networking protocol to deliver the server requests. Thus, they act as a channel or gateway for communication between servers and clients. For example, the default port for the IIS Server is 80. If you wish, you can change the port using the following Steps. 

Step 1: Right-click on the site and select bindings.

Step 2: The pop-up appears in which you can change the port through which the website communicates with the server. 

Log Files 

Log files play a crucial role in managing the IIS Server as they keep track of all the activities of the server. The Log files provide visibility to all the actions that we specify in the server. We can also filter them by time and date or amount of data transmitted to get a clearer overview of server activities. 

You can use the below steps to access your log files.

Step 1: In the IIS Manager interface, double-click on the ‘Logging’ option as shown below.

Step 2: You can see the various options to customize your Log File Tracking. You can also change the directory where the Log Files are stored by clicking on the Browse option. In the upper-right corner, click on the ‘View Log Files’ option.

Step 3: The directory containing the log files opens up as depicted below. You can easily analyze the various activities or actions to keep track of the server.

Adding an Application Pool

An Application Pool is like a container that groups one or more worker processes in an isolated manner so that one application cannot affect another application on the server. By default, the IIS Server has ‘DefaultAppPool’ but, you can add a custom Application Pool using the following steps.

Step 1: Click on the Application Pool on the left pane of the IIS Manager. 

Step 2: Right-click on the Screen and select the ‘Add Application Pool’ option.

Step 3: Specify the name and mode for your application pool and click ‘OK.’

Step 4: The application pool we created is visible as shown below.

Virtual Directories

Virtual Directory are like pointers to the physical directory on our system. It allows the server to serve content from outside the web root. Let us understand this using an example. Suppose there is an image folder outside the root directory of the website and the server wants to serve its content to users. So, we have to create a virtual directory that points to this image folder. 

Thus, the server can easily use virtual directories so that users can access those outside images using the URL path. Now, let us see how to add the Virtual Directory to our default web directory. 

Step 1: Select the website as shown below. Then, on the right pane, click on ‘View Virtual Directory.’

Step 2: Now, select the ‘Add Virtual Directory’ option on the right pane and specify the name and physical path.

Step 3: The virtual directory is added as depicted below.

Using SSL Certificates

The organizations have major concerns regarding the countless security threats and vulnerabilities such as unauthorized access. Secure Socket Shell (SSL) allows us to prevent unauthorized data access by encrypting the data. Therefore, we can prevent third parties and hackers from accessing the data. 

To add the SSL Certificate to your site, you first have to obtain an SSL certificate from a trusted source. In this tutorial, we are creating a self-assigned certificate to get a basic understanding of how to configure the certificates in the IIS Web Server. 

Step 1: Double-click on the ‘Server Certificates’ in the IIS Manager.

Step 2: Select the ‘Self-Signed Certificate’ option as shown below.

Step 3: Specify the name and certificate store.

Step 4: Then, go to the sites under the Server directory. Select the side and choose the ‘Bindings’ option on the right pane as illustrated below.

Step 5: Click on the ‘Add’ option in the site bindings pop-up. Choose the type as ‘https’ and select the certificates from the dropdown and click on the ‘OK’ button.

Step 6: The sample certificate that we added is visible on the right pane as shown below.

If you want more specific information about the SSL Configuration in SSL, we recommend visiting the official documentation at https://learn.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis.

How to Add Website in IIS Server? 

After we have learned the basics, let us move on to the next step which is adding the website on the IIS Server. For simplicity, we will create a simple static application and add that website to our IIS Server. 

Step 1: Create the static application having the HTML, CSS, and JavaScript files which are visible as stated below.

Step 2: Click on the ‘Add Website’ button visible on the right pane.

Step 3: Specify the name of your application, its Application Pool, its location, and its port. Since the default port is 80 which is already in use, we are assigning the port 82. Then, click on the ‘OK’ button.

Step 4: Click on the ‘browse’ option available on the right pane as shown below.

Step 5: The website has been successfully added to the IIS Server and runs on the respective port as shown below.

Frequently Asked Questions

1. What is the Anonymous Authentication feature in the IIS Server?

Suppose some users anonymously want to access our website without any login or sign-up. So, this feature allows them to access the site without providing explicit credentials. When the administrator enables this feature, the server grants access to anonymous users identified by the built-in IUSR account. 

2. Is the IIS Server available for MacOS or Linux Operating Systems?

Microsoft has developed The IIS Web Server primarily for the Windows and Windows Server Operating Systems. It is not natively available for the MacOS and Linux Systems. However, we can use the third-party services for running the IIS Server on them but they have less stability and inefficient performance than the native Windows OS. 

3. What is the use of Output Caching?

When the response of the website is requested by another user, it is not feasible to regenerate that response. Thus, Output Caching allows us to store that response in memory so that it can be served easily without regenerating that response.

4. How to troubleshoot the SSL Certificate Issues for my website?

If you want to add the SSL Certificates to your site, you must obtain it from a trusted authority. You may encounter some errors or issues during SSL Configuration. Therefore, we recommend visiting the official documentation for debugging the SSL Configuration.

Conclusion

In a nutshell, IIS Webserver helps us to manage and host our web application along with multiple advanced features such as SSL, Authentication, Logging, Caching, and advanced protocols such as HSTS. The WWW Service listens to the request, WAS manages the Application Pool and worker process and finally, the website runs inside a separate worker process to prevent the website conflicts. 

Therefore, it is the one-stop solution for all our server management requirements. Now, you have gained sufficient insights about the IIS Webserver to easily start using this useful feature of the Windows Operating System.