Introduction
In the past, I have written a few articles for beginners and had got a
very good response from all readers. This time I have planned to write
an article
on IIS 6.0 and Integration of IIS with ASP.NET. I have worked on IIS
5.1, IIS 6.0, and IIS 7.0. Though the purpose of all IIS servers are the
same,
they are very different in their architecture and use. Don't worry, I am
not going to explain the differences of those three versions of IIS.
The purpose of this article is completely different. While answering in
the ASP.NET forum, I found many questions on deploying websites,
the security settings of IIS, different authentication types,
Application Pool, recycling of application pool, etc. This is an "All in
One"
article for IIS. This will help beginners know what IIS is, how to
install IIS, how to deploy sites on IIS, create an Application Pool, web
garden, etc.
This article is all about IIS 6.0. If anybody is interested in IIS 7.0,
please read the article Deploying ASP.NET Websites on IIS 7.0.
Please give your valuable suggestions and feedback to improve this article.
What is a Web Server
Visual Studio has its own ASP.NET engine which is responsible for
running your web application so you don't have any problems running an
ASP.NET
application from the VS IDE. When you want to host your site for others
to access, the concept of a "Web Server" comes into picture. A web
server
is responsible for providing a response to requests that come from
clients. So when multiple users come in, multiple requests also come
in and the web server will have a response for each of them. IIS
(Internet Information Server) is one of the most powerful web servers
from Microsoft that
is used to host ASP.NET web applications. IIS has its own ASP.NET
Process to handle ASP.NET requests. If you look at this picture:
IIS Server Overview
The first client will make a request to the web server (IIS), the web
server checks the request and will pass the request to the ASP.NET
Process (don't get confused here,
I have explained the details), the ASP.NET process engine will process
the request and pass the response to the client via the web server.
One of the major roles of IIS is handling each and every request. Don't
worry, I have explained each and everything in more detail later.
So far I hope it is clear why we are using a web server.
Introduction to IIS
IIS 6.0 provides a redesigned World Wide Web Publishing Service
architecture that can help you achieve better performance, reliability,
scalability,
and security for your web sites. In this section, I have described an
overview of IIS and an installation guide for IIS 6.0.
Overview of IIS
Internet Information Server is one of the most powerful web servers
provided by Microsoft that is able to host and run your web
applications.
IIS supports the following protocols: FTP, FTPS, SMTP, NNTP, HTTP/HTTPS.
We can host our web sites on IIS, we can use it as an FTP site also.
For more information, click here.
IIS Version in Different OSs
Below is a list of IIS versions that support the following Oerating Systems:
| Operating System |
IIS Version |
| Windows Server 2008 |
IIS 7.0 |
| Windows Vista - Home Premium/ Ultimate |
IIS 7.0 |
| Windows Server 2003 |
IIS 6.0 |
| Windows XP Professional |
IIS 5.1 |
| Windows 2000 Server IIS 5.0 |
IIS 5.0 |
How to Install IIS 6.0
Installation of IIS is very similar to installing any other system
application from the Control Panel. We have to start navigation from
Control Panel > Add/Remove Programs,
then select Add/Remove Windows Component. Follow the screen given below.
IIS installation
Select "Application Server" from the checkbox list. This will open a new window, select IIS, and click on OK.
IIS installation selection
This will initiate IIS installation. The OS will show a continuous
progress bar during installation and will show a final message after
installation is complete.
IIS installation progress
Note: During the installation period, it may ask for
some OS files. You need to provide the paths for them. After successful
installation of IIS,
go to Start > Run > Inetmgr to launch IIS. The below screen will
appear, which indicates that IIS has been successfully installed in your
system.
IIS installed successfully
IIS 6.0 Process Model and Request Processing
Before starting with a virtual directory and Application Pool and all
other stuff, let us have a quick look into the IIS 6.0 Process module
and IIS
request processing. This topic is a huge one. Here I am just giving you
an overview.
We can divide the whole architecture into two layers.
- Kernel Mode
- User Mode
- Web Admin Service
- Virtual Directory
- Application Pool
IIS 6.0 Process module
As per the above diagram, IIS has two modes, Kernel and User. HTTP.SYS is the heart of kernel mode which accepts raw requests
from the client and pass it to a particular application pool. Below are the steps of IIS request processing.
- Client requests for a page from the browser by hitting the site URL.
- Request comes to kernel level. HTTP.SYS catches the requests and creates a separate queue for each and every application pool.
Note: Whenever we create an application pool, IIS automatically registers the pool with HTTP.SYS to identify
it during request processing.
Then HTTP.SYS forwards the request to the Application Pool.
- A request coming to the application pool means the worker process (w3wp.exe) starts action by loading the ISAPI Filter.
- Based on the requested resource, w3wp.exe loads "aspnet_isapi.dll" for an APSX page and starts an
HTTPRuntime which is the entry point of an application.
- Then the
HttpRuntime.ProcessRequest method signals the start of processing.
- The
HttpContext object represents the context of the currently active request, as it contains references to objects you can access
during the request lifetime, such as Request, Response, Application, Server, and Cache.
- The
HttpRuntime creates a pool of HttpApplication objects.
- The request passes through the HTTP Pipeline.
- HTTP Modules are executed against the request until the request hits the ASP.NET page HTTP Handler.
- Once the request leaves the HTTP Pipeline, the Page life cycle starts.
If you want to know the details of IIS request processing, I will suggest you read the article ASP.NET Internals: Request Architecture.
Deploying Your Web Sites on IIS
In this section, I discuss how to host a site on IIS, how to create a
virtual directory, configure a virtual directory, etc. Let's start with
virtual directory creation.
Creating a Virtual Directory
There are various way to host a web application on IIS. Visual Studio
has some inbuilt features to host and create a virtual directory on IIS
directly.
Here is
one of my articles on hosting a site on IIS from Visual Studio. But in
this section, Idiscuss the basic steps for creating a virtual directory.
First, right click on Default web sites > New > Virtual Directory.
Virtual directory creation
By selecting "Virtual Directory...", the virtual directory creation wizard will start. Click on "Next".
Virtual directory creation
Give the "Alias" name and proceed for "Next". The alias name is your virtual directory name.
Virtual directory creation
As its name implies, a "virtual directory" does not contain any physical file. We need to define the physical file path
that it will refer to. We have to browse the physical path over here.
Virtual directory creation
Now based on your requirements, you can select the check boxes and click on "Next". Generally, we select only the "Read" option.
Virtual directory creation: Permission settings
Below is a list of permissions that we can use:
- Read: It is the most basic and is mandatory to access webpages of your application.
- Run Scripts: It is required for ASPX pages, not for
static HTML pages because ASPX pages need more permissions so they
could conceivably perform operations.
- Execute: This allows the user to run an ordinary
executable file or CGI application. This can be a security risk so only
allow when it is really needed.
- Write: It allows to add, modify, or remove files from the web server. This should never be allowed.
- Browse: This allows one to retrieve a full list of
files in a virtual directory even if the contents of the files are
restricted. It is generally disabled.
You are done! The virtual directory has been created successfully.
You will get a final message. Click on "Finish" to close the window and
move forward.
Virtual directory creation: Finish
There are other alternative options that you can use for creating a virtual directory.
- Copy the physical directory to the wwwroot folder.
- Physical Folder Properties > Web Sharing.
Configure Virtual Directory
The items listed below are very important for the configuration of any web application.
- Virtual Directory
- Documents
- Documents
- ASP.NET
- Directory Security
- Custom Errors
I have explained each of them step by step. Apart from them, a
Virtual Directory can have settings like BITS Server Extension, HTTP
Header, etc.
I haven't covered those in this article. Let us start with the "Virtual
Directory" tab.
Virtual Directory
This is the most important configuration section for a virtual
directory. To open this tab, we need to select the newly created virtual
directory.
Virtual directory configuration
Right click on it > Properties. The below screen will come up:
Virtual directory properties
Here we can change the local path (physical path). Before looking
into other stuff, first look into the "Application Settings" section.
It seems the application name is disabled. So first we need to click the
"Create" button, which will enable the rest of the settings. Check the
below image.
Virtual directory creation
Here we can change the execution setting and application pool name.
Choosing "None" for Execute Permission will restrict the access
to the web site. Now we will move to the "Documents" tab.
Documents
The Documents tab is used to set the default page of your web
application. We can add or remove the page name in this section. To
configure, we have to move
to the "Documents" tab.
Virtual directory creation
This is useful when you want to access the site directly with the
virtual directory name. For example, if your virtual directory name is
"mywebsite"
and your home page name is "
home.aspx", then you can access the page as follows:
Collapse | Copy Code
http://<ip>/mywebsite/home.aspx
but if you define
home.aspx in the Documents section, you need to only use this at the address bar to access the site:
Collapse | Copy Code
http://<ip>/mywebsite
ASP.NET
If IIS is registered with multiple .NET Framework versions, the
ASP.NET version dropdown list shows all of them. But based on the
application, we need
to change the framework version. E.g.: If our application was developed
in .NET 2.0, then the version should be
2.0.X.X.
ASP.NET version selection
Tip: If .NET Framework is already installed in your
system when you are installing IIS, then ASP.NET will not be registered
with IIS.
So if you host an application on IIS, it will not work. To register IIS
with the ASP.NET version, you need to run the
aspnet_regiis -i command
from the command prompt. This will automatically register the .NET Framework with your IIS.
For more info, please read this.
Directory Security
Directory security enables all kinds of security access for your web
application. For directory, we need to move to the "Directory Security"
tab.
Directory security settings
Click on the "Edit" button to modify the directory security settings.
After clicking on the Edit button, the below screen will come up.
Directory security settings
Below are the commonly used IIS security settings:
- Anonymous
- Integrated Windows Authentication
- Basic Authentication
- Digest Authentication
Anonymous
Anonymous authentication means the site is accessible to all. This is
the default authentication mode for any site that is hosted on IIS, and
it runs under
the "IUSR_[ServerName]" account. We can change it by clicking on the
"Browse" button.
Integrated Windows Authentication
This authentication mode is generally used for Intranet sites. Users
are authenticated from the Active Directory. Integrated Windows
authentication
is also known as NTLM authentication. If browser settings automatically
login for trusted sites for Windows authentication then the site
will be logged in automatically with the Windows user credentials.
Basic Authentication
This is supported by all browsers and is a part of the HTTP standard.
This shows a login dialog control which accepts the user name and
password.
The user ID and password are passed to IIS to authenticate the user from
the Windows credentials.
Digest Authentication
The disadvantages of Basic authentication mode is that it sends a
password as plain text. Digest authentication does almost the same thing
as basic
authentication but it sends the "hash" of the password rather than
sending plain text.
Integrated Windows, Basic Authentication, and Digest Authentication use Active Directory to authenticate the user.
Note: There are many things related with IIS and ASP.NET Security configuration. I am not covering all these in detail.
I am just giving a brief overview so that you are comfortable with all this stuff.
For configuring SSL, please read the reference link that I have provided in the References section.
Custom Errors
The Custom Errors tab allows us to specify the error page that will be displayed for any specific type of HTTP Error.
Directory security settings
We can also customize the setting at our application level by configuring the
web.config settings or changing the
htm file path by clicking on the "Edit" button.
This is all about the basic overview of creation of virtual
directories and setting up. Hope you are now comfortable with all this
stuff.
Application Pool
Application pool is the heart of a website. An Application Pool can
contain multiple web sites. Application pools are used to separate sets
of IIS worker
processes that share the same configuration. Application pools enable us
to isolate our web application for better security, reliability, and
availability.
The worker process serves as the process boundary that separates each
application pool so that when a worker process or application is having
an issue or recycles,
other applications or worker processes are not affected.
Application pool - IIS
Generally we do it in our production environment. The main advantages
of using an application pool is the isolation of worker processes to
differentiate sites
and we can customize the configuration for each application to achieve a
certain level of performance. The maximum number of application pools
that is supported by IIS is 2000.
In this section, I have discussed about the creation of application
pools, application pool settings, and assigning an application pool to a
web site.
How to Create an Application Pool?
Application pool creation in IIS 6.0 is a very simple task. There are
two different ways by which we can create an application pool. There is
a pre-defined
application pool available in IIS 6.0, called "DefaultApplicationPool".
Below are the two ways to create an application pool:
- Create New Application Pool
- Create From Existing Configuration File
Create a New Application Pool
First of all, we need to open the IIS Configuration Manager. Then
right click on Application Pool and go to New > Application Pool.
Create new application pool
The below screen will appear, where we need to mention the application pool name.
New application pool name
When we create a new application pool, we can use the default
application setting for it. The selection of "Default Settings"
means by default the application pool setting will be the same as the
IIS default settings. If we want to use the configuration of an existing
application pool,
we need to select the section option "Use existing application pool as
template". Selecting this option will enable the application pool name
dropdown.
Application pool template selection
If we select an existing application pool as a template, the newly
created application pool should have the same configuration of the
template application pool.
This reduces the time for application pool configuration.
That is all about creating a new application pool. Now let us have a
look at the creation of an application pool from an existing XML
configuration file.
Create From Existing Configuration File
We can save the configuration of an application pool into an XML file
and create a new application pool from that. This is very useful during
the configuration of an application pool in a Web Farm where you have
multiple web servers and you need to configure the application pool for
each and every server.
When you are running your web application on a Load Balancer, you need
to uniquely configure your application pool.
So first of all, you need to save the application pool configuration in a server. Check the below image for details.
Application pool template selection
During this operation, we can set the password for the configuration
file which will be asked during the import of the application pool on
another server.
When we click on "Save Configuration to a file", the below screen will
appear.
Save configuration as XML file
Where we need to provide the file name and location. If we want, we
can set a password to encrypt the XML file. Below is a part of that XML:
Collapse | Copy Code
Location ="inherited:/LM/W3SVC/AppPools/StateServerAppPool"
AdminACL="49634462f0000000a4000000400b1237aecdc1b1c110e38d00"
AllowKeepAlive="TRUE"
AnonymousUserName="IUSR_LocalSystem"
AnonymousUserPass="496344627000000024d680000000076c20200000000"
AppAllowClientDebug="FALSE"
AppAllowDebugging="FALSE"
AppPoolId="DefaultAppPool"
AppPoolIdentityType="2"
AppPoolQueueLength="1000"
AspAllowOutOfProcComponents="TRUE"
AspAllowSessionState="TRUE"
AspAppServiceFlags="0"
AspBufferingLimit="4194304"
AspBufferingOn="TRUE"
AspCalcLineNumber="TRUE"
AspCodepage="0"pre>
Now we can create a new application pool for this configuration file.
While creating a new application pool, we have to select the
"Application Pool ( From File )"
option as shown in the below figure.
Application pool creation from a configuration file
When we select this option, a screen will come where we need to enter the file name and the password of that file.
Application pool creation from configuration file
Select the file and click on the "Read File" button. This will show
you the imported application pool name. Click "OK" to import the full
configuration.
Application pool creation from configuration file
Here we need to mention the new application pool name or we can have
another option where we can replace an existing application pool. For
moving ahead, we need to provide the password.
Password to import application pool configuration
This is the last step for creating a new application pool from an existing configuration file.
Configure Application Pool Properties
This is one of the most important tasks for web server configuration
and this is important when we are hosting on a production server. As I
have already discussed,
the application pool is the heart of any web application hosted on IIS.
We need to know each and every configuration of the application pool. To
start configuration,
we need to go to the Properties of the application pool.
Application pool properties
We need to configure the following things in the application pool:
- Recycling
- Performance
- Health
- Identity
Recycling
Recycling the application pool means recycling the worker process (
w3wp.exe)
and the memory used for the web application.
It is a very good practice to recycle the worker process periodically,
which wll keep the application running smooth. There are two types of
recycling related with the application pool:
- Recycling Worker Process - Predefined settings
- Recycling Worker Process - Based on memory
Recycling Worker Process - Predefined Settings
Worker process recycling is the replacing of the instance of the
application in memory. IIS 6.0 can automatically recycle worker
processes by restarting
the worker processes that are assigned to an application pool and
associated with websites. This improves web site performance and keeps
web sites up and running smoothly.
Application pool recycling- Worker process
There are three types of settings available for recycling worker processes:
- In minutes
- Number of requests
- At a given time
Recycle Worker Process (In Minutes)
We can set a specific time period after which a worker process will
be recycled. IIS will take care of all the current running requests.
Recycle Worker Process (Number of Requests)
We can configure an application with a given number of requests. Once
IIS reaches that limit, the worker process will be recycled
automatically.
Recycle Worker Process (In Minutes)
If we want to recycle the worker process at any given time, we can do
that configuration on IIS. We can also set multiple times for this.
Application pool recycling - Worker process: Time setting
Recycling Worker Process - Based on Memory
Server memory is a big concern for any web application. Sometimes we
need to clean up a worker process based on the memory consumed by it.
There are two types of settings that we can configure in the application
pool to recycle a worker process based on memory consumption. These
are:
- Maximum virtual memory used
- Maximum used memory
Application pool recycling - Worker process.
At any time, if the worker process consumes the specified memory (at
memory recycling settings), it will be recycled automatically.
What Happens During Application Pool Recycling
This is quite an interesting question. Based on the above settings,
an application pool can be recycled any time. So what happens to the
users who are accessing
the site at that time? We do not need to worry about that. This process
is transparent from the client. When you recycle an application pool,
HTTP.SYS holds onto
the client connection in kernel mode while the user mode worker process
recycles. After the process recycles, HTTP.SYS transparently routes the
new requests to the new worker process.
Performance
Moving to the Performance tab in the Properties dialog box results in the following output.
Application pool performance
To improve the performance of a web application, we can setup the
performance settings of the application pool. We can set the shut down
time of the worker process based
on the ideal time. The worker process will be shut down at a given time
period if it is ideal. Whenever a new requests comes, it will live
again. Another important
thing for improving the performance is "Web Garden".
Web Garden
Overview of Web Garden
By default, each application pool runs with a single worker process
(W3Wp.exe). We can assign multiple worker processes with a single
application pool. An application pool with multiple
worker processes is called a Web Garden. Many worker processes with the
same application pool can sometimes provide better throughput
performance and application response time. And each worker process
should have its own thread and memory space.
Web Garden (Application pool with multiple worker processes)
As Shown in the picture, in IIS Server, there may be multiple
application pools and each application pool has at least a single worker
process. A Web Garden should
contain multiple worker processes.
There are certain restrictions in using a Web Garden with your web
application. If we use Session Mode as "in proc", our application
will not work correctly because the Session will be handled by a
different worker process. To avoid this, we should use Session Mode as
"out proc"
and we can use "Session State Server" or "SQL-Server Session State".
How to Create a Web Garden?
We need to increase the number of worker processes on the Performance tab.
Web garden creation
Main advantage: The worker processes in a web garden
share the requests that arrive for that particular application pool. If
a worker process fails,
another worker process can continue processing the requests.
Health
Now we move to the "Health" tab. When wel select the "Health" tab, it will show the following screen:
Health monitoring setting
IIS provides a couple of settings to improve the health of an
application pool. There are also a few settings for measuring the worker
process health. These are:
- Enable Pinging
- Enable Rapid-fail protection
- Startup time limit
- Shutdown time limit
Enable Pinging
This property specifies whether the WWW Publishing Service should
periodically monitor the health of a worker process. Checking this
option
indicates to the WWW service to monitor the worker processes to ensure
that worker processes are running and healthy. By default, it sets to
30s.
This is also needed to check if a service is staying ideal or not. If it
is ideal it can be shutdown until the next request comes. The Windows
Activation Process maintains all this stuff.
Enable Rapid-fail Protection
When enabling Rapid Fail Protection, the application pool is shut
down if there are a specified number of worker process crashing within a
specified time period.
When this happens, the WWW Publishing Service puts all applications in
the application pool "out of service".
Failure Count: The default value for failure count
is 5 minutes. This property specifies the maximum number of failures
allowed within the number of minutes specified
by the "Time Period" property before the application pool is shut down
by Rapid Fail Protection. If the number of failure
is more than the specified in a given time, the application pool should
be put on "out of service mode".
Time period: This property specifies the number of
minutes before the failure count for a process is reset. By default, it
is set to 5 minutes.
Startup time limit
The Start up time limit property specifies the amount of time that
the WWW Publishing Service should wait for a worker process to finish
starting up
and reporting to the WWW Service. In general it means the time taken to
start a worker process.
Shutdown time limit
This is the shutdown time for a worker process. This is the time
required to execute all old running worker process requests before it
shuts down during recycle time.
Identity
This is the last and final setting for an application pool. An
application pool has three types of identity: "Network Service" is the
default Identify.
"defaultappPool" also runs under the "Network Service" Identity. Below
are the listed application pool identities with description:
| Identity |
Description |
LocalSystem |
A built-in account that has administrative privileges on the server. It can access both local and remote resources.
For any kind accessing of server files or resources, we have to set the Identity of the application pool to Local System. |
LocalServices |
Built-in account has privileges of an authenticated local user account. It does not have any network access permission. |
NetworkServices |
This is the default Identity of an application pool. NetworkServices has privileges of an authenticated local user account. |
Navigating to the Identity tab will show the following screen:
Application pool identity configuration
We can also configure the application pool under a given user
account. For that, we need to select the "Configurable" option on
"Identity" tab.
This is all about the application pool. Hope now you have a very good
understanding on what application pool is, how to create and configure
the application pool.
Q: You are using a file upload control in your web
application and it is working fine on Visual Studio but when you host
the same code
on IIS, it is not working. This is a very common problem in web hosting
when file upload is involved.
A: When a web application runs under Visual Studio -
ASP.NET engine integrated with visual studio takes care of all the
executions.
And this engine has sufficient rights so that it can write data on your
disk. But when you host the site on IIS, as I have already mentioned, it
runs under
the "Network Services" Identity, which has very minimum rights on your
system. The user can only have read access on the site.
So for resolving file upload issues, you need to change the Identity of
the application pool from "Network Service" to "Local System".
Local System identity means the client can have write access on your
hard drive. This will resolve your issue of file uploading on the
server.
You can also resolve this issue by giving Write access permission to the file destination folder for "Everyone".
Enabling Web Service Extension
IIS 6.0 provides a certain type of configuration from where we can
enable/disable web service extensions. If we want to prohibit/restrict
any kind
of extension, we need to select the extension and click on the
"Prohibit" button.
Web Service extension vonfiguration
Note: If the ASP.NET v 2.0.X.XXXX extension is
prohibited over here, you will not be able to access the site which is
running on .NET 2.0.
Debugging Your Application That Hosted on IIS
If your site is hosted on IIS and we want to debug the site, the main
thing that we need to do is attach a worker process with Visual Studio.
There are two possible scenarios for debugging from IIS:
- Site is hosted on local IIS server: Local IIS debugging
- Site is hosted on remote IIS server: Remote IIS debugging
I have already published two complete articles on CodeProject on the above topic. Please refer to those for details.
Summary
To summarize, this article is for beginners who are trying to learn
about IIS. This article gives a complete coverage of IIS,
hosting sites on IIS, application pool creation, etc. I have also
mentioned a few tips which are very commonly used in dealing with IIS.
Hope this will help beginners
struggling with site hosting on IIS and configuring it. There are so
many things related with IIS and it is not possible to mention all
of them in a single article. This is just an overview. I hope that in
future I will publish a few more articles on IIS in detail.
Please give your valuable feedback and suggestions in order to improve
the article. Thank you.
My IIS Articles @ CodeProject
Below are a few articles on IIS that I have published at CodeProject:
- Deploying ASP.NET Websites on IIS 7.0
- Debug Your ASP.NET Application Hosted on IIS: Process Attach and Identify Which Process to Attach
- Remote IIS Debugging: Debug Your ASP.NET Application Hosted on a "Remote IIS Server"
Reference and Further Study
- IIS 6.0 Architecture
- IIS 6.0 Process Model
- IIS 6.0 Request Processing
- ASP.NET Internals - Request Processing
- Deploying a Site on IIS
- Application Pool Health Monitoring
- Application Pool Health Check
- IIS Internals
- More About Application Pools
- SSL Configuration in IIS
Here are some good tutorials for FTP configuration on IIS. These may be very helpful for beginners:
- Creating and Configuring FTP Sites in Windows Server 2003
- How to Set Up an FTP Server in Windows Server 2003
