IIS on cloud


Overview

Internet Information Services (IIS, formerly Internet Information Server) is an extensible web server created by Microsoft for use with the Windows NT family. IIS supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. It has been an integral part of the Windows NT family since Windows NT 4.0, though it may be absent from some editions (e.g. Windows XP Home edition), and is not active by default.

The Administration API for IIS was developed as an ASP.NET Core application. This allowed us to take advantage of the Web API conventions that the MVC framework offered. The application has to be accessible at all times so that users can configure IIS whenever necessary; therefore we needed it to run as a service. Hostable Web Core (HWC) is a technology that gives a consumer an in-process version of IIS. When HWC is loaded, the process has access to all the capabilities that the full IIS offers. We took advantage of HWC to enable behavior quintessential to the success of the API, such as Windows authentication, logging, and SSL bindings.

IIS (which stands for Internet Information Services or Internet Information Server), also known as Windows web server, is available on most versions of Microsoft Windows operating systems and takes second place in overall usage behind Apache HTTP Server on the internet.

It will host websites, web applications and services needed by users or developers. Many versions have shipped as far back as IIS 1 on Windows 3 and with nearly every new Windows OS a new IIS version follows.

Versions and History

Microsoft Windows Server 2003 or IIS 6 is the oldest version you would want to run for anything outside of a hobby or testing; it supports IPv6 as well as modern security measures.

However, in a professional environment IIS 8.5 or 10 (still in beta) will receive official software updates for years to come and support more modern applications and needs.

  • IIS 6 or Windows Server 2003 is no longer receiving any updates from Microsoft but supports IPv6 and most security measures needed for simple hosting needs on a budget.
  • IIS 7 shipped with Windows Vista and has better support for the .NET Framework and some security enhancements over IIS 6.
  • IIS 7.5 shipped with Windows 7 and added support for TLS 1.1 and 1.2. Extended support will end in 2020; this is the oldest version receiving any official support from Microsoft.
  • IIS 8, also known as Microsoft Web Server 2012, began supporting SNI (associating SSL with hostnames instead of IP addresses) and multicore scaling. Support will last until 2023.
  • IIS 8.5 shipped with Windows 8.1 and has new features such as Enhanced Logging capabilities and Dynamic Site Activation.
  • IIS 10 is currently in beta and will support modern technology such as HTTP/2 and PowerShell 5.0.

If you are a business owner, consider purchasing the newest version your hardware can run.

IIS 8.5 is currently the most stable and secure version as of this writing; however, once out of beta, IIS 10 will become your best bet. If you are hosting a basic website on your own and cannot afford a newer version, consider Apache Server instead of anything older than IIS 6.


Virtual Directories

IIS allows you to create sites, applications, and virtual directories to share information with users over the Internet or internally on an intranet such as a home network.

This concept did exist in older versions of IIS, but several changes took place in IIS 7 and changed the definition and functionality of this concept.

A virtual directory is a name that you specify in IIS and that maps to a physical directory on a server similar to how DNS maps a URL to an IP address.

The directory name becomes part of the application allowing users to navigate to a website or application and gain access to the content hosted on the server.

This content could be a website itself or media such as photos or videos within a web application or site.

In IIS 6.0, virtual directories and applications were considered to be separate objects even though they were the same thing.

An application was not a physically separate object from a virtual directory; instead, an app was really just a virtual directory with one of the following properties in its metabase: AppFriendlyName, AppRoot, AppIsolated, and AppPoolID.

The only issue was creating a system where applications in one pool would not be allowed to communicate with applications in another pool on the same server.

In IIS 7.0 and above, virtual directories and applications are separate objects and function that way.

They exist in a hierarchical relationship: a website may contain one or more applications, an application contains one or more virtual directories, and a virtual directory maps to a physical directory on a computer.
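
The site, application and virtual directory hierarchy described above, as an added example that is not part of the original page: the script resolves a URL path to the application pool and physical path that serve it, and lists every content root the site exposes. The XML fragment, directory paths and pool names are constructed; the element and attribute names follow the layout of applicationHost.config.

```python
# Added example, not from the original page. The XML below is a constructed
# fragment laid out like the <sites> section of applicationHost.config.
import xml.etree.ElementTree as ET

SITES_XML = r"""
<sites>
  <site name="Default Web Site" id="1">
    <application path="/" applicationPool="DefaultAppPool">
      <virtualDirectory path="/" physicalPath="C:\inetpub\wwwroot" />
      <virtualDirectory path="/media" physicalPath="D:\shared\media" />
    </application>
    <application path="/shop" applicationPool="ShopPool">
      <virtualDirectory path="/" physicalPath="C:\apps\shop" />
      <virtualDirectory path="/img" physicalPath="\\fileserver\shop-images" />
    </application>
  </site>
</sites>
"""
SITE = ET.fromstring(SITES_XML).find("site")


def _is_under(url_path, prefix):
    """True if url_path equals prefix or sits below it on a '/' boundary."""
    url, pre = url_path.lower(), prefix.rstrip("/").lower()
    return url == pre or url.startswith(pre + "/")


def _longest(nodes, url_path):
    """Pick the node whose path attribute is the longest matching prefix."""
    hits = [n for n in nodes if _is_under(url_path, n.get("path"))]
    return max(hits, key=lambda n: len(n.get("path").rstrip("/")), default=None)


def resolve(site, url_path):
    """Map a URL path to (application path, application pool, physical path)."""
    app = _longest(site.findall("application"), url_path)
    if app is None:
        return None
    rel = url_path[len(app.get("path").rstrip("/")):] or "/"
    vdir = _longest(app.findall("virtualDirectory"), rel)
    if vdir is None:
        return None
    tail = rel[len(vdir.get("path").rstrip("/")):].strip("/").replace("/", "\\")
    physical = vdir.get("physicalPath").rstrip("\\")
    return (app.get("path"), app.get("applicationPool"),
            physical + ("\\" + tail if tail else ""))


def content_roots(site):
    """Every URL prefix with the app pool and physical directory behind it."""
    rows = []
    for app in site.findall("application"):
        for vd in app.findall("virtualDirectory"):
            url = (app.get("path").rstrip("/") + vd.get("path")).rstrip("/") or "/"
            rows.append((url, app.get("applicationPool"), vd.get("physicalPath")))
    return sorted(rows)


if __name__ == "__main__":
    for row in content_roots(SITE):
        print(row)
    for path in ("/media/video.mp4", "/shop/img/logo.png", "/shopping/cart"):
        print(path, "->", resolve(SITE, path))
```

Note that /shopping/cart resolves under the root application, not /shop, because prefixes only match on a path-segment boundary.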


Log Files

Log files record various actions on your server. They are typically located at:

%SystemRoot%\system32\Logfiles\

Replace the service name in the path with the service you want more detail on.

The logs show everything from the date and time something occurred to the IP address involved and how much data was sent both to and from your server.

If you see a hyphen (-) in the output, the data was not recorded, and you may need to adjust the service's logging configuration if you need this information.
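
A way to read these logs programmatically, as an added example that is not part of the original page: it parses W3C extended format text (the IIS default), treats a hyphen as "not recorded", reports fields that never carried a value, and totals bytes per client IP. The log lines, IP addresses and field selection are constructed sample data.

```python
# Added example, not from the original page. Sample log lines are constructed.
from collections import Counter

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2024-01-15 10:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-bytes cs-bytes time-taken
2024-01-15 10:00:01 10.0.0.5 GET /index.html - 80 - 203.0.113.7 Mozilla/5.0+(constructed) 200 5120 312 15
2024-01-15 10:00:02 10.0.0.5 GET /admin/ - 80 - 203.0.113.9 - 401 1293 280 3
2024-01-15 10:00:03 10.0.0.5 POST /login.aspx - 80 - 203.0.113.9 - 302 420 1875 48
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2024-01-15 10:05:00 198.51.100.4 GET /index.html 200
"""


def parse_w3c(text):
    """Return one dict per request line; '-' (not recorded) becomes None."""
    fields, records = [], []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            # The field list can change mid-file when logging is reconfigured.
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                records.append({k: None if v == "-" else v
                                for k, v in zip(fields, values)})
    return records


def unrecorded_fields(records):
    """Fields that are enabled in #Fields but never carried a value."""
    seen, filled = Counter(), Counter()
    for rec in records:
        for name, value in rec.items():
            seen[name] += 1
            filled[name] += value is not None
    return sorted(name for name in seen if filled[name] == 0)


def bytes_by_client(records):
    """Total (bytes sent to client, bytes received from client) per client IP."""
    totals = {}
    for rec in records:
        ip = rec.get("c-ip")
        if ip is None:
            continue
        sent, received = totals.get(ip, (0, 0))
        totals[ip] = (sent + int(rec.get("sc-bytes") or 0),
                      received + int(rec.get("cs-bytes") or 0))
    return totals


if __name__ == "__main__":
    recs = parse_w3c(SAMPLE_LOG)
    print("never recorded:", unrecorded_fields(recs))
    for ip, (sent, received) in sorted(bytes_by_client(recs).items()):
        print(ip, "sent", sent, "received", received)
```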

Ports

Typically, your server will use port 80 for HTTP traffic; however, this can be adjusted to meet your needs or the needs of another application on your computer.

You can find a full list of ports and the purpose they each serve here. Changing a port within IIS 7 to 10 is simple:

  1. Open Internet Information Services Manager.
  2. Select the Web site that you want to change and, in the Action pane, select Bindings.
  3. Click Add to add a new site binding, or click Edit to modify an existing binding.
  4. Click OK to apply the changes.

The architecture that we use allows the API to be self-hosted as a Windows service.

Introduction to IIS Architectures

Internet Information Services (IIS) 7 and later provide a request-processing architecture which includes:

  • The Windows Process Activation Service (WAS), which enables sites to use protocols other than HTTP and HTTPS.
  • A Web server engine that can be customized by adding or removing modules.
  • Integrated request-processing pipelines from IIS and ASP.NET.

IIS has two main layers: kernel mode and user mode. Kernel mode contains HTTP.sys, and user mode contains WAS and the W3 service. The subsections of both are shown in the figure.

IIS Architecture

The diagram above shows the flow of an HTTP request being processed. The request-processing flow is as follows:

  1. An HTTP request first goes to HTTP.sys, which is responsible for passing the request to a particular application pool.
  2. HTTP.sys contacts WAS, and WAS requests configuration information from the XML file.
  3. The WWW service receives the configuration information.
  4. The WWW service uses the configuration information to configure HTTP.sys.
  5. The configured HTTP.sys contacts WAS, and WAS starts a worker process for the application pool to which the request was made.
  6. The worker process processes the request and returns a response to HTTP.sys. The request is passed through an ordered series of modules in the processing pipeline.

Role of HTTP.sys in IIS

HTTP.sys is the kernel-mode part of IIS. Every client request passes through kernel mode, where HTTP.sys maintains a queue for each individual application pool and places the request in the appropriate one. Whenever an application pool is created, IIS automatically registers the pool with HTTP.sys so that the particular pool can be identified during request processing. HTTP.sys provides the following services in IIS:

  1. Routing HTTP requests to the correct request queue.
  2. Caching of responses in kernel mode.
  3. Performing all text-based logging for the WWW service.
  4. Implementing quality of service functionality, which includes connection limits, connection timeouts, queue-length limits, and bandwidth throttling.

ISAPI Filter

ISAPI filters are DLL files that can be used to modify and enhance the functionality provided by IIS. ISAPI filters always run on an IIS server, filtering every request until they find one they need to process.

ISAPI filters can be registered with IIS to modify the behavior of a server. They can perform the following tasks:

  1. Change request data (URLs or headers) sent by the client
  2. Control which physical file gets mapped to the URL
  3. Control the user name and password used with anonymous or basic authentication
  4. Modify or analyze a request after authentication is complete
  5. Modify a response going back to the client
  6. Run processing when a request is complete
  7. Run processing when a connection with the client is closed
  8. Perform special logging or traffic analysis.
  9. Handle encryption and compression.

Components in IIS

IIS contains several components that perform important functions for the application and Web server roles in Windows Server® 2008 (IIS 7.0) and Windows Server 2008 R2 (IIS 7.5). Each component has responsibilities, such as listening for requests made to the server, managing processes, and reading configuration files. These components include protocol listeners, such as HTTP.sys, and services, such as World Wide Web Publishing Service (WWW service) and Windows Process Activation Service (WAS).

Protocol Listeners

Protocol listeners receive protocol-specific requests, send them to IIS for processing, and then return responses to requestors. For example, when a client browser requests a Web page from the Internet, the HTTP listener, HTTP.sys, picks up the request and sends it to IIS for processing. Once IIS processes the request, HTTP.sys returns a response to the client browser.

By default, IIS provides HTTP.sys as the protocol listener that listens for HTTP and HTTPS requests. HTTP.sys was introduced in IIS 6.0 as an HTTP-specific protocol listener for HTTP requests. HTTP.sys remains the HTTP listener in IIS 7 and later, but includes support for Secure Sockets Layer (SSL).

To support services and applications that use protocols other than HTTP and HTTPS, you can use technologies such as Windows Communication Foundation (WCF). WCF has listener adapters that provide the functionality of both a protocol listener and a listener adapter. Listener adapters are covered later in this document. For more information about WCF, see Windows Communication Foundation on MSDN.

Hypertext Transfer Protocol Stack (HTTP.sys)

The HTTP listener is part of the networking subsystem of Windows operating systems, and it is implemented as a kernel-mode device driver called the HTTP protocol stack (HTTP.sys). HTTP.sys listens for HTTP requests from the network, passes the requests onto IIS for processing, and then returns processed responses to client browsers.

In IIS 6.0, HTTP.sys replaced Windows Sockets API (Winsock), which was a user-mode component used by previous versions of IIS to receive HTTP requests and send HTTP responses. IIS 7 and later continue to rely on HTTP.sys for HTTP requests.

HTTP.sys provides the following benefits:

  • Kernel-mode caching. Requests for cached responses are served without switching to user mode.
  • Kernel-mode request queuing. Requests cause less overhead in context switching because the kernel forwards requests directly to the correct worker process. If no worker process is available to accept a request, the kernel-mode request queue holds the request until a worker process picks it up.
  • Request pre-processing and security filtering.

IIS Web Server Overview

The IIS 7 and later web servers have a completely modular architecture which offers three key benefits:

  • Componentization
  • Extensibility
  • ASP.NET Integration

Componentization

All of the Web server features are now managed as standalone components which you can easily add, remove, and replace. This enables several key advantages over previous versions of IIS:

  1. Secure the server by reducing the attack surface area. Reducing surface area is one of the most powerful ways to secure a server system. With IIS, you can remove all unused server features, achieving the minimum surface area possible while preserving the functionality of your application.
  2. Improve performance and reduce memory footprint. By removing unused server features, you can also reduce the amount of memory the server uses, and improve performance by reducing the amount of feature code that executes on every request to your application.
  3. Build custom / specialized servers. By selecting a particular set of server features, you can build custom servers that are optimized for performing a specific function within your application topology, such as edge caching or load balancing. You can add custom features to extend or replace any existing functionality using your own or third party server components built on the new extensibility APIs. The componentized architecture provides long term benefits to the IIS community: it facilitates the development of new server features as they are needed both inside Microsoft and among third party developers.

IIS has also componentized the powerful HTTP process activation model introduced in IIS 6.0 with Application Pools. The HTTP process activation model is available for more than just Web applications, receiving requests or messages over any protocol. This protocol independent service is called the Windows Process Activation Service (WAS). The Windows Communication Foundation (WCF) ships with protocol adapters that can leverage the capabilities of the WAS, improving the reliability and resource usage of WCF services.

Extensibility

Developers can leverage the modular architecture of IIS to build powerful server components that extend or replace the existing Web server features and add value to web applications hosted on IIS.

Here are reasons to develop for IIS:

  1. Empower Web applications. Extending IIS enables Web applications to benefit from functionality that in many cases cannot be easily provided at the application layer. Using the IIS ASP.NET or native C++ extensibility, developers can build solutions that add value for all application components, such as custom authentication schemes, monitoring and logging, security filtering, load balancing, content redirection, and state management.
  2. Better development experience. The brand new C++ extensibility model alleviates most of the problems that previously plagued the ISAPI development, introducing a simplified object oriented API that promotes writing robust server code. In addition, better Visual Studio integration further improves the experience of developing for IIS.
  3. Use the full power of ASP.NET. ASP.NET integration enables server modules to be rapidly developed with the familiar interfaces of ASP.NET 2.0 and rich ASP.NET application services. ASP.NET modules can provide services uniformly to ASP, CGI, static files and other content types, and can fully extend the server without the limitation present in previous versions of IIS.

ASP.NET Integration

IIS allows Web applications to fully leverage the powerful features and extensibility of ASP.NET 2.0. ASP.NET features including forms-based authentication, membership, session state and many others can be used for all types of content, providing a unified experience across the entire Web application. Developers can use the familiar ASP.NET extensibility model and rich .NET APIs to build IIS server features that are as powerful as those written using the native C++ APIs.

Configuring Your Website

Unless you have a separate IP for your website, you’ll probably need to host multiple sites on one IP address. If you’re using IIS to test a website on your local machine, you can use the “Default Web Site” listed under “Sites.”

To run a website on the same IP (in this case it will be “localhost” which is Windows’ way to identify the local machine), you must set your new website up as a new application.

Right-click “Default Web Site” and select “Add Application.” You’ll need to name your application and point to the folder that contains your website code. You also choose an application pool. An application pool is a separate worker space that lets your website run separately from others. This means that you can reboot, edit and stop an application pool and only this particular website is affected. Application pools let you run websites in different server processes, so other websites do not affect your application.

After you’ve created your application, it will show up under “Default Web Site.” To view your site, right-click the new application, click “Manage Application” and then “Browse.” As long as you aren’t blocking the folder with permissions and you have a default document set, you’ll see your website’s home page.

For a very basic website, this is all you need to do to run it on your computer. If you type “localhost/<<appname>>” in your browser, you can run the site as if it was running at a web host. However, you probably need to edit some of the settings.

Default Document

The default document is the web page that loads when the user types just your domain name into the browser. The default document is usually index.html for a static site or default.aspx for web forms. If you’re running an MVC site, you don’t need to set a default web page in IIS. The MVC engine handles this for you and uses the home view as the default home page.

Double-click the “Default Document” icon in IIS. A list of page names is shown. There are usually four default documents set up in IIS. If you don’t use them, you can delete all of them except the one you need. IIS looks for the first document listed, and if it can’t find the first default document, it moves to the next one and so on.  If you have no documents listed, IIS will throw an error.

Connection Strings

Connection strings define database connections. Each type of connection string is determined by the database your website is connecting to. For instance, if you’re connecting to a SQL Server database, the connection string indicates that the driver type is SQL, tells the application which database and server to connect to and any user names and passwords needed to connect to the server. You can set the connection string in IIS or in the application. Most applications set the connection string in the application code.

How to Install IIS on Windows 8 or Windows 10

Keeping with Microsoft’s modular design of, uhm, everything these days, IIS in Windows is still an optional “Windows Feature”. To install it, press the Windows + R key combination to bring up a Run box, then type appwiz.cpl and press Enter.


This will open the Programs and Features part of Control Panel. On the left-hand side, click on the “Turn Windows features on or off” link.


Now click on the Internet Information Services check box.


If you’re a developer, you are going to want to expand it and explore the sub-components as well. By default it installs everything needed to host a website, and you are probably going to need some of the more developer-centric components as well.


After clicking OK, this dialog will appear on your screen for a while.


When it’s done, fire up your browser and navigate to localhost.


That’s all there is to it.

Internet Information Services on cloud for AWS

Features

Major Features of Internet Information Services

IIS 8.5 has several improvements related to performance in large-scale scenarios, such as those used by commercial hosting providers and Microsoft’s own cloud offerings. It also has several added features related to logging and troubleshooting. The new features are:

  • Idle Worker Process Page-Out: a function that suspends idle sites to reduce their memory footprint.
  • Dynamic Site Activation: a feature that registers listening queues only to sites that have received requests.
  • Enhanced Logging: a feature to allow collection of server variables, request headers and response headers in the IIS logs.
  • ETW logging: an ETW provider which allows collecting real-time logs using various event-tracing tools.
  • Automatic Certificate Rebind: a feature that detects when a site certificate has been renewed, and automatically rebinds the site to it.

IIS 8.0 offers new features targeted at performance and easier administration. The new features are:

  • Application Initialization: a feature that allows an administrator to configure certain applications to start automatically with server startup. This reduces the wait time experienced by users who access the site for the first time after a server reboot.
  • Splash page during application initialization: the administrator can configure a splash page to be displayed to the site visitor during an application initialization.
  • ASP.NET 4.5 support: With IIS 8.0, ASP.NET 4.5 is included by default, and IIS also offers several configuration options for running it side-by-side with ASP.NET 3.5.
  • Centralized SSL certificate support: a feature that makes managing certificates easier by allowing the administrator to store and access the certificates on a file share.
  • Multicore scaling on NUMA hardware: IIS 8.0 provides several configuration options that optimize performance on systems that run NUMA, such as running several worker processes under one application pool, using soft or hard affinity and more.
  • WebSocket Protocol Support.
  • Server Name Indication (SNI): SNI is an extension to Transport Layer Security, which allows binding of multiple websites with different hostnames to one IP address (similar to how Host Headers are used for non-SSL sites).
  • Dynamic IP Address Restrictions: a feature that enables an administrator to dynamically block IPs or IP ranges that hit the server with a large number of requests.
  • CPU Throttling: a set of controls that allow the server administrator to control CPU usage by each application pool in order to optimize performance in a multi-tenant environment.

 

AWS

Installation Instructions for Windows

A) Choose Start, expand All Programs, and then expand Internet Information Services.

B) RDP Connection: To connect to the operating system,

1) Connect to the virtual machine using the following RDP credentials:

  • Hostname: Public DNS / IP of the machine
  • Port: 3389
  • Username: Administrator (connect to the operating system using RDP)
  • Password: Please click here to find out how to get the password.

C) Other Information:

1. Default installation path: will be on your root folder “C:\Program Files (x86)\Microsoft Visual Studio 14.0”
2. Default ports:

  • Windows Machines: RDP Port – 3389
  • HTTP: 80
  • HTTPS: 443

3. To activate Visual Studio use Product Key or Sign in from of Internet Information Services

Configure custom inbound and outbound rules using this link
