IIS with Application Server on Cloud

1-click AWS Deployment    1-click Azure Deployment 1-click Google Deployment


Internet Information Services (IIS, formerly Internet Information Server) is an extensible web server created by Microsoftfor use with Windows NT family.IIS supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. It has been an integral part of the Windows NT family since Windows NT 4.0, though it may be absent from some editions (e.g. Windows XP Home edition), and is not active by default.

The Administration API for IIS was developed as an ASP.Net Core application. This allowed us to take advantage of the Web API conventions that the MVC framework offered. This application has to be accessible at all times to allow users to be able to configure IIS whenever necessary, therefore we needed it to run as a service. Hostable Web Core (HWC) is a technology that allows a consumer to have an in-process version of IIS available to them. When HWC gets loaded in, the process has access to all the capabilities that the full IIS offers. We took advantage of HWC to enable behavior quintessential to the success of the API such as windows authentication, logging, and SSL bindings.

IIS (which stands for Internet Information Services or Internet Information Server) also known as Windows web server is available on most versions of Microsoft Windows operating systems and takes second place in overall usage behind Apache HTTP Server on the internet.

It will host websites, web applications and services needed by users or developers. Many versions have shipped as far back as IIS 1 on Windows 3 and with nearly every new Windows OS a new IIS version follows.

Versions and History

Microsoft Windows Server 2003 or IIS 6 is the oldest version you would want to run for anything outside of a hobby or testing, which does supports IPV6 as well as modern security measures.

However in a professional environment IIS 8.5 or 10 (Still in Beta) will receive official software updates for years to come and support more modern applications and needs.

  • IIS 6 or Windows Server 2003 is no longer receiving any updates from Microsoft but supports IPV6 and most security measures needed for simple hosting needs on a budget.
  • IIS 7 shipped with Windows Vista and has better support for the .NET framework and some security enhancements over IIS 6.
  • IIS 7.5 Shipped with Windows 7 and added support for TLS 1.1 and 1.2. Extended support will end in 2020 this is the oldest version receiving any support officially from microsoft.
  • IIS 8 also known as Microsoft Web Server 2012 began supporting SNI or associating SSL to hostnames instead of IP addresses and multicore scaling. Support will last until 2023.
  • IIS 8.5 shipped with Windows 8.1 and has new features such as Enhanced logging capabilities and Dynamic Site Activation.
  • IIS 10 is currently in beta and will support modern technology such as HTTP/2 and powershell 5.0.

If you are a business owner consider purchasing the newest version your hardware can run.

IIS 8.5 is currently the most stable and secure version as of this writing, however once out of beta ISS 10 will become your best bet. If you are hosting a basic website on your own and cannot afford a newer version consider Apache Server instead of anything older than IIS 6.


Virtual Directories

IIS allows you to create sites, applications, and virtual directories to share information with users over the Internet or internally on an intranet such as a home network.

This concept did exist in older versions of IIS, but several changes took place in IIS 7 and changed the definition and functionality of this concept.

A virtual directory is a name that you specify in IIS and that maps to a physical directory on a server similar to how DNS maps a URL to an IP address.

The directory name becomes part of the application allowing users to navigate to a website or application and gain access to the content hosted on the server.

This content could be a website itself or media such as photos or videos within a web application or site.

In IIS 6.0, virtual directories and applications were considered to be separate objects even though they were the same thing.

An application was not a physically separate object from a virtual directory instead an app was really just a virtual directory on its own with one of the following properties in its metabase: AppFriendlyName, AppRoot, AppIsolated, and AppPoolID.

The only issue was creating a system where applications in one pool would not be allowed to communicate with applications in another pool on the same server.

In IIS 7.0 and above virtual directories and applications are separate objects and functioned in that manner.

They exist in a hierarchical relationship such as a website may contain one or more applications, an application contains one or more virtual directories, and a virtual directory maps to a physical directory on a computer.

Microsoft IIS

LOG Files

Log files record various actions on your server they are typically located at:


The service name should be replaced by the service you are looking for more info on in detail.

It will show everything from the date and time something occurred to what IP address and how much data was sent both to and from your server.

If you see – in the output the data was not recorded and you may need to adjust the service if you need this information.


Typically your server will use port 80 for HTTP traffic however this can be adjusted to meet your needs or the needs of another application on your computer.

You can find a full list of ports and the purpose they each serve here. Changing a port within IIS 7 to 10 is simple. First Open Internet Information Services Manager.

Second select the Web site that you want to change and n the Action pane, select Bindings.

Third click Add to add a new site binding, or click Edit to modify an existing binding and finally click ok to apply the changes.

The architecture that we use allows the API to be self hosted as a windows service.

Introduction to IIS Architectures

Internet Information Services (IIS) 7 and later provide a request-processing architecture which includes:

  • The Windows Process Activation Service (WAS), which enables sites to use protocols other than HTTP and HTTPS.
  • A Web server engine that can be customized by adding or removing modules.
  • Integrated request-processing pipelines from IIS and ASP.NET.

IIS has two main layers – Kernel Mode and User Mode. The Kernel Mode contains the HTTP.SYS and User Mode contains WAS and W3 service. The subsection of both are shown in fig.

IIS Architecture

The above diagrams shows the flow of an HTTP request in process. The request-processing flow is described as:

  1. An HTTP request first goes to HTTP.sys and now, HTTP.SYS is responsible for passing the request to a particular application pool.
  2. HTTP.sys contacts to WAS and WAS requests configuration information from the xml file.
  3. The configuration information is sent to WWW service receives.
  4. The WWW service uses the configuration information to configure HTTP.sys.
  5. Configured HTTP.sys contacts to WAS and now, WAS starts a worker process for the application pool to which the request was made.
  6. The worker process processes the request and returns a response to HTTP.sys. The request is passed through an ordered series of module in the processing pipeline.

Role of HTTP.sys in IIS

HTTP.SYS is the part of kernel mode of IIS. Every client request is passes through the kernel mode, Http.sys then makes a queue for each and individual application pool based on the request. Whenever we create any application pool IIS automatically registers the pool with HTTP.sys to identify the particular during request processing. It provides the following services in IIS:

  1. Routing HTTP requests to the correct request queue.
  2. Caching of responses in kernel mode.
  3. Performing all text-based logging for the WWW service.
  4. Implementing quality of service functionality, which includes connection limits, connection timeouts, queue-length limits, and bandwidth throttling.

ISAPI Filter

ISAPI filters are DLL files that can be used to modify and enhance the functionality provided by IIS. ISAPI filters always run on an IIS server, filtering every request until they find one they need to process.

ISAPI filters can be registered with IIS to modify the behavior of a server. It can perform the following tasks:

  1. Change request data (URLs or headers) sent by the client
  2. Control which physical file gets mapped to the URL
  3. Control the user name and password used with anonymous or basic authentication
  4. Modify or analyze a request after authentication is complete
  5. Modify a response going back to the client
  6. Run processing when a request is complete
  7. Run processing when a connection with the client is closed
  8. Perform special logging or traffic analysis.
  9. Handle encryption and compression.

Components in IIS

IIS contains several components that perform important functions for the application and Web server roles in Windows Server® 2008 (IIS 7.0) and Windows Server 2008 R2 (IIS 7.5). Each component has responsibilities, such as listening for requests made to the server, managing processes, and reading configuration files. These components include protocol listeners, such as HTTP.sys, and services, such as World Wide Web Publishing Service (WWW service) and Windows Process Activation Service (WAS).

Protocol Listeners

Protocol listeners receive protocol-specific requests, send them to IIS for processing, and then return responses to requestors. For example, when a client browser requests a Web page from the Internet, the HTTP listener, HTTP.sys, picks up the request and sends it to IIS for processing. Once IIS processes the request, HTTP.sys returns a response to the client browser.

By default, IIS provides HTTP.sys as the protocol listener that listens for HTTP and HTTPS requests. HTTP.sys was introduced in IIS 6.0 as an HTTP-specific protocol listener for HTTP requests. HTTP.sys remains the HTTP listener in IIS 7 and later, but includes support for Secure Sockets Layer (SSL).

To support services and applications that use protocols other than HTTP and HTTPS, you can use technologies such as Windows Communication Foundation (WCF). WCF has listener adapters that provide the functionality of both a protocol listener and a listener adapter. Listener adapters are covered later in this document. For more information about WCF, see Windows Communication Foundation on MSDN.

Hypertext Transfer Protocol Stack (HTTP.sys)

The HTTP listener is part of the networking subsystem of Windows operating systems, and it is implemented as a kernel-mode device driver called the HTTP protocol stack (HTTP.sys). HTTP.sys listens for HTTP requests from the network, passes the requests onto IIS for processing, and then returns processed responses to client browsers.

In IIS 6.0, HTTP.sys replaced Windows Sockets API (Winsock), which was a user-mode component used by previous versions of IIS to receive HTTP requests and send HTTP responses. IIS 7 and later continue to rely on HTTP.sys for HTTP requests.

HTTP.sys provides the following benefits:

  • Kernel-mode caching. Requests for cached responses are served without switching to user mode.
  • Kernel-mode request queuing. Requests cause less overhead in context switching because the kernel forwards requests directly to the correct worker process. If no worker process is available to accept a request, the kernel-mode request queue holds the request until a worker process picks it up.
  • Request pre-processing and security filtering.

IIS Application Pools

If you look back up at the image, you’ll notice something called an application pool, which is a container for worker processes. Each application pool runs isolated from others so you might have one site running in one application pool and a second site running in another. This way if something happens to one site, it shouldn’t affect the other.

By default each application pool contains a single worker process, however, more can be created and when multiple worker processes are inside a single application pool, it’s called a web garden. The idea is that a web garden can make better use of server CPU and RAM and more efficiently use resources so idle time is reduced. That’s the idea, but I’ve had a difficult time confirming if it works as advertised.

Like Apache’s worker processes, application pools and web gardens can grow out of control under a heavy load with a lot of requests.

Overall IIS is reportedly a little more memory intensive than Apache. On the other hand, it makes use of configuration wizards and a graphic interface so it can be easier to use compared to Apache’s text files configuration.

In an effort not to get too much wrong, let me stop there and point you to some other articles that can probably do a better job with the details than I can.

Application server

An application server is a software framework that provides both facilities to create web applications and a server environment to run them.

Application Server Frameworks contain a comprehensive service layer model. An application server acts as a set of components accessible to the software developer through a standard API defined for the platform itself. For Web applications, these components are usually performed in the same running environment as their web server(s), and their main job is to support the construction of dynamic pages. However, many application servers target much more than just Web page generation: they implement services like clustering, fail-over, and load-balancing, so developers can focus on implementing the business logic.

In the case of Java application servers, the server behaves like an extended virtual machine for running applications, transparently handling connections to the database on one side, and, often, connections to the Web client on the other.

Other uses of the term may refer to the services that a server makes available or the computer hardware on which the services run.

Workflow of the application server.


The term was originally used when discussing early client–server systems to differentiate servers that contain application logic SQL services and middleware servers as distinct from other types of data-servers.

Currently, despite the fact that web-browsers have become ubiquitous and are typically the client for end-users in many application deployment strategies, browser-based web apps represent only a subset of application-server technologies.

Application Server definition

Application servers are system software upon which web applications or desktop applications run. Application servers consist of web server connectors, computer programming languages, runtime libraries, database connectors, and the administration code needed to deploy, configure, manage, and connect these components on a web host. An application server runs behind a web Server (e.g. Apache or Microsoft Internet Information Services (IIS)) and (almost always) in front of an SQL database (e.g. PostgreSQL, MySQL, or Oracle). Web applications are computer code which run atop application servers and are written in the language(s) the application server supports and call the runtime libraries and components the application server offers.

Many application servers exist. The choice impacts the cost, performance, reliability, scalability, and maintainability of a web application.

Proprietary application servers provide system services in a well-defined but proprietary manner. The application developers develop programs according to the specification of the application server. Dependence on a particular vendor is the drawback of this approach.

An opposite but analogous case is the Java EE platform. Java EE application servers provide system services in a well-defined, open, industry standard. The application developers develop programs according to the Java EE specification and not according to the application server. A Java EE application developed according to Java EE standard can be deployed in any Java EE application server making it vendor independent.

Java application servers

Java Platform, Enterprise Edition or Java EE (was J2EE) defines the core set of API and features of Java Application Servers.

The Java EE infrastructure is partitioned into logical containers.

  • EJB container: Enterprise JavaBeans (EJB) are used to manage transactions. According to the J2EE blueprints, the business logic of an application resides in Enterprise JavaBeans—a modular server component providing many features, including declarative transaction management, and improving application scalability.
  • Web container: The Web modules include servlets and JavaServer Pages (JSP).
  • JCA container (Java EE Connector Architecture)
  • JMS provider (Java Message Service)

Some Java Application Servers leave off many Java EE features like EJB and Java Message Service (JMS). Their focus is more on Java Servlets and JavaServer Pages.

There are many open source Java application servers that support Java EE.

Commercial Java application servers have been dominated by WebLogic Application Server by Oracle, WebSphere Application Server from IBM and the open source JBoss Enterprise Application Platform (JBoss EAP) by Red Hat.

A Java Server Page (JSP) executes in a web container. JSPs provide a way to create HTML pages by embedding references to the server logic within the page. HTML coders and Java programmers can work side by side by referencing each other’s code from within their own.

The application servers mentioned above mainly serve web applications, and services via RMI, EJB, JMS and SOAP. Some application servers target networks other than web-based ones: Session Initiation Protocol servers, for instance, target telephony networks.

.NET Framework


Microsoft positions their middle-tier applications and services infrastructure in the Windows Server operating system and the .NET Framework technologies in the role of an application server The Windows Application Server role includes Internet Information Services (IIS) to provide web server support, the .NET Framework to provide application support, ASP.NET to provide server side scripting, COM+ for application component communication, Message Queuing for multithreaded processing, and the Windows Communication Foundation (WCF) for application communication.


  • Mono (a cross platform open-source implementation of .NET supporting nearly all its features, with the exception of Windows OS-specific features), sponsored by Microsoft and released under the MIT License
  • Base4 Application Server, an open source project
  • TNAPS Application Server, freeware application server, developed by TN LLC

PHP application servers

PHP application servers are used for running and managing PHP applications.

Zend Server, built by Zend Technologies, provides application server functionality for the PHP-based applications.

appserver.io, built by TechDivision GmbH is a multithreaded application server for PHP written in PHP.

RoadRunner, built by Spiral Scout is high-performance PHP application server, load-balancer and process manager written in Golang.

Mobile application servers

A mobile app server is mobile middleware that makes back-end systems accessible to mobile application to support Mobile application development. Much like a web server that stores, processes and delivers web pages to clients, a mobile app server bridges the gap from existing infrastructure to mobile devices.


Although most standards-based infrastructure (including SOAs ) are designed to connect to any independent of any vendor, product or technology, most enterprises have trouble connecting back-end systems to mobile applications, because mobile devices add the following technological challenges

  • Limited resources – mobile devices have limited power and bandwidth
  • Intermittent connectivity – cellular service and wifi coverage is often not continuous
  • Difficult to secure– mobility and BYOD make it hard to secure mobile devices

Mobile application servers vs. application servers vs. web servers

Mobile application servers, Application servers, and web servers serve similar purposes: they are pieces of middleware that connect back-end systems to the users that need to access them, but the technology in each of the three differs. Application servers—developed before the ubiquity of web-based applications—expose back-end business logic through various protocols, sometimes including HTTP, and manage security, transaction processing, resource pooling, and messaging.When web-based applications grew in popularity, application servers did not meet the needs of developers, and the web server was created to fill the gap.

Web servers provide the caching and scaling functionality demanded by web access and not provided by application servers. They convert requests to static content, and serve only HTTP content.Over time, application servers and web servers have morphed from two previously distinct categories, blended features, and arguably have merged

Mobile application servers are on a similar path.The emergence of mobile devices presents the need for functionality not anticipated by the developers of traditional application server developers, and mobile application servers fill this gap. They take care of the security, data management and off-line requirements not met by existing infrastructure, and present content exclusively in REST.

Over time, these three categories may fully merge and be available in a single product, but the root functions differ.

How do I install Microsoft Application Server to enable installation of Webtrends Analytics?

Application Server is a required role that must be installed on Windows Server 2008 prior to the installation of Webtrends Analytics. Without the Application Server Role installed the Webtrends installation will fail and return error code 1603.

To install Application Server as a role on Windows Server 2008 or Windows Server 2008 R2, follow the steps below:

1. Click Start, click Administrative Tools, and then click Server Manager.

2. Right-click on Roles in the left hand navigation pane.

3. Click on Add Roles in the Right-Click pop-up window.

4. Check the box for Application Server and click the Next button.

User-added image

5. Check the box for Web Server (IIS) Support and accept required components.

6. Make sure HTTP Activation and Message Queuing Activation also are checked.

User-added image

7. Click the Next button to move to the Confirmation window.

8. Click the Install button to complete the installation.

If the Roles had already been installed but the HTTP Activation and Message Queuing Activation role service had not been installed, expand Roles, right-click on Application Server and select Add Role Services. The Select Role Services window displays. Check the box for Message Queuing Activation, then select Install to complete the process.


Installing The Application Server Role In Windows Server 2016

It is not possible to install the Application Server Role in Windows Server 2016, as it has been deprecated. However, it is possible to manually configure the operating system in the manner that the COM+ Server requires. To do so:

  1. Open the simplified Windows Firewall settings, and click on Allow an app or feature through Windows Firewall.
    – Or –
    Press the Windows key and search for Allow an app through Windows Firewall.
  2. Enable COM+ Network Access:
  3. Open Regedit.
  4. Go to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3
  5. Change the value of RemoteAccessEnabled to 1


Cognosys provides hardened images of IIS on all public cloud i.e. AWS marketplace and Azure.

The architecture that we use allows the API to be self hosted as a windows service.




Major Features of  IIS with Application Server

IIS 8.5 has several improvements related to performance in large-scale scenarios, such as those used by commercial hosting providers and Microsoft’s own cloud offerings. It also has several added features related to logging and troubleshooting. The new features are:

  • Idle worker-Process page-out: a function to suspend idle site to reduce the memory footprint of idle sites.
  • Dynamic Site Activation: a feature that registers listening queues only to sites that have received requests.
  • Enhanced Logging: a feature to allow collection of Server variables, request headers and response headers in the IIS logs.
  • ETW logging: an ETW provider which allows collecting real-time logs using various Event-tracing tool.
  • Automatic Certificate Rebind: a feature that detects when a site certificate has been renewed, and automatically rebinds the site to it.

IIS 8.0 offers new features targeted at performance and easier administration. The new features are:

  • Application Initialization: a feature that allows an administrator to configure certain applications to start automatically with server startup. This reduces the wait time experienced by users who access the site for the first time after a server reboot.
  • Splash page during application initialization: the administrator can configure a splash page to be displayed to the site visitor during an application initialization.
  • ASP.net 4.5 support: With IIS 8.0, ASP.net 4.5 is included by default, and IIS also offers several configuration options for running it side-by-side with ASP.net 3.5.
  • Centralized SSL certificate support: a feature that makes managing certificates easier by allowing the administrator to store and access the certificates on a file share.
  • Multicore scaling on NUMA hardware: IIS 8.0 provides several configuration options that optimize performance on systems that run NUMA, such as running several worker processes under one application pool, using soft or hard affinity and more.
  • WebSocket Protocol Support.
  • Server Name Indication (SNI): SNI is an extension to Transport Layer Security, which allows binding of multiple websites with different hostnames to one IP address (similar to how Host Headers are used for non-SSL sites).
  • Dynamic IP Address Restrictions: a feature that enables an administrator to dynamically block IPs or IP ranges that hit the server with a large number of requests.
  • CPU Throttling: a set of controls that allow the server administrator to control CPU usage by each application pool in order to optimize performance in a multi-tenant environment.


Installation Instructions for Windows

Note: How to find PublicDNS in AWS

Step 1) RDP  Connection: To connect to the deployed instance, Please follow Instructions to Connect to Windows  instance on AWS Cloud

1) Connect to the virtual machine using following RDP credentials:

  • Hostname: PublicDNS  / IP of machine
  • Port : 3389

Username: To connect to the operating system, use RDP and the username is Administrator.
Password: Please Click here to know how to get password .

Step 2) Choose Start, expand All Programs, and then expand IIS with Application Server

Step 3) Other Information:

1.Default ports:

  • Windows Machines:  RDP Port – 3389
  • Http: 80
  • Https: 443

Configure custom inbound and outbound rules using this link

AWS Step by Step Screenshots





















Installation Instructions For Windows

Installation Instructions for Windows

Step 1) VM Creation:

  1. Click the Launch on Compute Engine button to choose the hardware and network settings.
  2. You can see at this page, an overview of Cognosys Image as well as estimated cost of running the instance.
  3. In the settings page, you can choose the number of CPUs and amount of RAM, the disk size and type etc.

Step 2) RDP Connection: To initialize the DB Server connect to the deployed instance, Please follow Instructions to Connect to Windows instance on Google Cloud

Step 3) Choose Start, expand All Programs, and then expand IIS with Application Server

Step 4) Other Information:

1.Default ports:

  • Windows Machines:  RDP Port – 3389
  • Http: 80
  • Https: 443





Basic configuration

IIS with Application Server on Cloud

Related Posts