3.2 IIS Features
The following feature icons and respective configuration pages are associated with IIS configurations:
• ASP—The first IIS
feature page in the list is ASP. This page is meant for managing
classic ASP settings, such as the following elements: Behavior,
Compilation, Debugging, Services, Caching Properties, Com Plus
Properties, and Sessions Properties.
• Authentication—The
Authentication page is synonymous with the legacy Security tab in IIS 6
and earlier. This page is used to configure security authentication
methods. Security can be administered for a web server, website, or a
specific page. Authentication methods such as anonymous, ASP.NET
impersonation, Basic authentication, digest authentication, forms
authentication, and Windows authentication can be configured. Take note
as anonymous authentication is enabled by default and might have to be
disabled before a different authentication method can be used. In
legacy versions, these authentication types were installed and enabled
out of the box. However, with the modularized installation approach and
security-minded product design, each element now needs to be selected
separately during the installation process and then enabled using this
page.
• Authentication Rules—Use
this page to enforce control of web content access by utilizing Allow
or Deny rules. Other IIS features such as Users and Roles are
associated with this feature as you can specify Allow and Deny rules to
already created users and roles.
• CGI—IIS 8 supports
CGI applications. This page is used to configure CGI properties, which
allows these applications to run on an IIS 8 web server. Additional
elements on this page control other aspects of CGI applications,
including CGI timeout values, whether a CGI application runs in its own
console, and, finally, the security context the application will
utilize.
• Compression feature page—Two
options available on this page enhance transmission times between the
server and browsers. The compression elements that can be configured
consist of compressing static content and compressing dynamic content.
Note
For clients to leverage this feature, they
must use a web browser that supports compression, such as Microsoft
Internet Explorer 7.0 or later. In addition, the use of dynamic
compression can increase processor utilization on the server.
• Default Document—Similar
to the concept in earlier versions of IIS, the Default Document page is
used to select the default web page that appears when a user connects
to a site. An example is default.htm. Multiple default documents can be
provided with an order-based precedence. This feature can be enabled or
disabled via the Actions pane.
• Directory Browsing—This
feature is disabled out of the box. By selecting the Enable task in the
Actions pane, this page can be used to configure directory browsing
functionality. The elements that can be selected include Time, Size,
Extension, Date, and Long Date.
• Errors feature page—The
Errors feature page is similar to the Custom Errors tab on legacy
versions of IIS. An administrator can use this page to create custom
error messages for web server clients. It is possible to edit a default
error or create a new error page.
• Failed Request Tracing Rules—This
setting is used to manage a list of tracing rules for failed requests.
The Failed Request Tracing Rules Wizard is invoked by clicking Add in
the Actions pane. The wizard walks you through the creation of the
trace by first requesting information about what will be traced. The
options include All Content, ASP.NET, ASP, and Custom. Trace Conditions
are defined on the next page. Conditions include Event Severity, Status
Codes, or Time Taken in Seconds. The final page is utilized to select
the trace providers.
Note
When configuring Failed Request Tracing Rules
for a site, logging of failed requests must be enabled for the site. If
it is not, Failed Request Tracing Rules will not generate a trace.
• FastCGI Settings—Use this server-level page to configure FastCGI applications that are used by the IIS servers and hosted websites.
• Handler Mappings—Use
this page to specify resources that will handle responses for specific
request types. Actions include Add Managed Handler, Add Script Map, Add
Wildcard Script Map, and Add Module Mapping.
• HTTP Redirect—Sometimes
there is a need to redirect incoming requests to an alternate uniform
resource locator (URL) or website. To achieve this goal, the HTTP
Redirect page can be used to redirect requests to a specific
destination.
• HTTP Response Headers—This feature should be used to configure HTTP headers based on entering name and values to responses from the web server.
• IP Address and Domain Restrictions—This
page is used to create and manage rules that grant or deny computer
networks and IP addresses access to specific web content. The rules
available consist of Allow or Deny, and it is possible to enter a
single IP address, range of IP addresses, or domain name. Finally,
rules can be added to a page, site, or inherited from the parent. New
to IIS 8, dynamic restrictions can be edited using the appropriate task
from the Action pane. Dynamic restrictions can automatically deny
access to an IP address based on the number of concurrent requests or
based on a number of requests over a period of time.
• ISAPI Filters—ISAPI
filters are programs that respond to certain events during HTTP request
processing. You can add, enable, and disable filters for a website on
this page.
• Logging—The
Logging feature page configures how IIS log requests will be handled
for the web server.
• MIME Types—The MIME
Types feature page is utilized for managing a list of Multipurpose
Internet Mail Extensions (MIME) types for the web server or website.
When creating or managing MIME types, the extension and MIME type must
be entered.
• Modules—This feature
should be used when managing or adding managed code modules and
configuring native modules to a web server or website. Authentication
and compression are examples of native code modules.
• Output Caching—The
Output Caching features page is leveraged when defining a set of rules
associated with caching content. Some of the cache settings include
defining file extensions, maximum cache response sizes, and cache size
limit in megabytes (MB).
• Request Filtering—The
page is used to configure filtering rules for a website or application.
Components that can be allowed or denied using this feature are File
Name Extensions, Rules (strings), Hidden Segments, URL, HTTP Verbs,
Headers, and Query Strings.
• SSL Settings—This
page helps an administrator require SSL for a website or virtual
directory and configure support for client certificates.
• Server Certificates—This
feature page, which is available for the server only, provides an
interface to install, manage, and configure SSL certificates used by
IIS.
• WebDav Authoring Rules—This feature page is used for managing a list of authoring rules that control access to content.
• Worker Processes—This
server-level feature page provides information about worker processes
running on the IIS server. Detailed information provided for each
process includes Application pool name, process ID, state, CPU %,
private bytes (KB), and virtual bytes (KB).
3.3 Management Features
The following feature icons and respective configuration pages are associated with Management configurations:
• Central Certificates—This
new server-level page allows an administrator to configure a location
for where the central certificate store (CCS) is stored. A password for
private keys can also be entered.
• Configuration Editor—This
new page allows an administrator to access and manage configuration
files affiliated with sections such as server, site, or application
within IIS Manager.
• Feature Delegation—This
server-level feature page is used to delegate configuration of various
IIS features. Configuring feature delegation unlocks the appropriate
section within the IIS configuration files to allow the configuration
to be changed at a lower-level configuration file such as those for a
site or application.
• IIS Manager Permissions—This feature page is used to allow or deny users access to various components in IIS, including websites and applications.
• IIS Manager Users—This
feature page is used for managing and provisioning IIS Manager users
that can be assigned roles as well as access to a website or
application.
• Management Service—This
server-level feature page is used to configure remote management access
to the IIS server. The page allows for configuration of credentials,
protocol information, logging, and IP address restrictions for remote
management connections.
• Shared Configuration—This
server-level feature page is used for managing configuration files for
farms of IIS servers. A shared configuration location can be configured
for farms that are deployed using a centralized shared configuration
model. IIS configuration files can also be exported using the Action
pane tasks on this page.
