Notes from Tech-Ed session "Internet Information Services (IIS) 7.5 for Developers"
Steve Evans' presentation "Internet Information Services (IIS) 7.5 for Developers" at Tech-Ed, NA 2011, had some interesting IIS tips & tricks. I transcribed some of them from the more than hour-long video recording on Channel9 -
- Developers have Swiss cheese knowledge – they know a lot but there are holes in what they are familiar with.
Certificates
- Certificate Authority (CA) creates a cert for a specific site & date range, the OS trusts it.
- Client connects to server, pulls down cert & check for 3 things -
* Certificate creator trusted?
* Host header matches?
* Date is in range?
- Configuring SSL certificates - A wildcard certificate can be used for multiple sites related to each other
- You can drop a non-CA issued cert into the Trusted Root Certification Authority to simulate a real scenario while experimenting with a feature
PowerShell
- strong support in IIS 7.5
- PowerShell treats IIS as a drive
DefaultDocument setting
- DefaultDocument setting within IIS Manager lets you specify the default file to return when a client does not request a specific file.
- Interesting IIS notification when I tried the DefaultDocument setting on an Application - "The file ‘default.aspx’ exists in the current directory. It is recommended that you move this file to the top of the list to improve performance"
Feature Delegation
- Feature Delegation module is used to configure the default delegation state for features at lower levels in IIS Manager
- web.config is created automatically when certain settings are added in IIS.
- we have the option in IIS to change which settings are stored in the web.config versus the IIS metabase. Its through Feature Delegation.
- if Feature Delegation is set to Read Only, the setting is stored in the IIS metabase
Application Pool- is where the code runs
- Managed pipeline mode setting for Application Pool has 2 options –
* Integrated – ASP.NET is part of the pipeline
* Classic
- Be in Integrated mode whenever you can
- 10 year old codebase in ASP migrated to IIS 7.5 ran fine in Integrated mode
- Application Pool > Advanced Settings | General > “Enable 32-bit application”-false will address more than 4 gigs of memory
- Application Pool > Advanced Settings > Process Model | Idle timeout – set to 0 on Production server, default is 20 minutes
- Every 29 hours (Recycling | Regular time interval - 1740 minutes), the app pool will recycle (inproc sessions will be lost) no matter what
-Worker Processes module in IIS Manager lists all App pools
- Host rogue or crash-prone apps in a separate app pool so that it’s in a sandbox
Failed Request Tracing Rules
- configure tracing for failed requests. A request trace is logged either when an error status code is generated or when the time taken for the request exceeds a specified duration. If both conditions have been fulfilled, the first condition that is met willl generate the request trace.
Log Parser Lizard
- free GUI tool for MS Log Parser
MS Web Deploy /One Click deploy - available through command-line (MSDeploy.exe) & GUI
- Example: msdeploy -verb:sync -source:webServer -dest:webServer,computerName=demoiis -whatif - informs what would change on a sync but not actually change it.
Security
- After the Code Red security issue in IIS5, from IIS6 onwards components of IIS are disabled by default.
- URL Scan is built into IIS 7.
Web Platform Installer - app store for IIS
URL Rewrite - popular extension for IIS
- allows us to write rules to change the request coming in & going out on they fly
- comes with a bunch of pre-canned rules
- The sample rule UserFriendlyURL makes URLs SEO-friendly
- provides rewriting capabilities based on rules for the requested URL address & the content of an HTTP response. So if user types http://site2.com/ IIS can make it look as http://www.site2.com/
- You can rename URL Rewrite configured rules in web.config to have memorable names rather than using the automated default names.
IIS Express
- true IIS except it does not run as a service, it runs as a app under your user context.
- "Use IIS Express" appears in context menu for project in VS & you can switch from using Cassini to IIS Express. URL Rewrite, FRT, Log files (for use with Log Parser) available with IIS Express
Also see: Free videos from major Microsoft Developer events are archived on Channel9
- Developers have Swiss cheese knowledge – they know a lot but there are holes in what they are familiar with.
Certificates
- Certificate Authority (CA) creates a cert for a specific site & date range, the OS trusts it.
- Client connects to server, pulls down cert & check for 3 things -
* Certificate creator trusted?
* Host header matches?
* Date is in range?
- Configuring SSL certificates - A wildcard certificate can be used for multiple sites related to each other
- You can drop a non-CA issued cert into the Trusted Root Certification Authority to simulate a real scenario while experimenting with a feature
PowerShell
- strong support in IIS 7.5
- PowerShell treats IIS as a drive
DefaultDocument setting
- DefaultDocument setting within IIS Manager lets you specify the default file to return when a client does not request a specific file.
- Interesting IIS notification when I tried the DefaultDocument setting on an Application - "The file ‘default.aspx’ exists in the current directory. It is recommended that you move this file to the top of the list to improve performance"
Feature Delegation
- Feature Delegation module is used to configure the default delegation state for features at lower levels in IIS Manager
- web.config is created automatically when certain settings are added in IIS.
- we have the option in IIS to change which settings are stored in the web.config versus the IIS metabase. Its through Feature Delegation.
- if Feature Delegation is set to Read Only, the setting is stored in the IIS metabase
Application Pool- is where the code runs
- Managed pipeline mode setting for Application Pool has 2 options –
* Integrated – ASP.NET is part of the pipeline
* Classic
- Be in Integrated mode whenever you can
- 10 year old codebase in ASP migrated to IIS 7.5 ran fine in Integrated mode
- Application Pool > Advanced Settings | General > “Enable 32-bit application”-false will address more than 4 gigs of memory
- Application Pool > Advanced Settings > Process Model | Idle timeout – set to 0 on Production server, default is 20 minutes
- Every 29 hours (Recycling | Regular time interval - 1740 minutes), the app pool will recycle (inproc sessions will be lost) no matter what
-Worker Processes module in IIS Manager lists all App pools
- Host rogue or crash-prone apps in a separate app pool so that it’s in a sandbox
Failed Request Tracing Rules
- configure tracing for failed requests. A request trace is logged either when an error status code is generated or when the time taken for the request exceeds a specified duration. If both conditions have been fulfilled, the first condition that is met willl generate the request trace.
Log Parser Lizard
- free GUI tool for MS Log Parser
MS Web Deploy /One Click deploy - available through command-line (MSDeploy.exe) & GUI
- Example: msdeploy -verb:sync -source:webServer -dest:webServer,computerName=demoiis -whatif - informs what would change on a sync but not actually change it.
Security
- After the Code Red security issue in IIS5, from IIS6 onwards components of IIS are disabled by default.
- URL Scan is built into IIS 7.
Web Platform Installer - app store for IIS
URL Rewrite - popular extension for IIS
- allows us to write rules to change the request coming in & going out on they fly
- comes with a bunch of pre-canned rules
- The sample rule UserFriendlyURL makes URLs SEO-friendly
- provides rewriting capabilities based on rules for the requested URL address & the content of an HTTP response. So if user types http://site2.com/ IIS can make it look as http://www.site2.com/
- You can rename URL Rewrite configured rules in web.config to have memorable names rather than using the automated default names.
IIS Express
- true IIS except it does not run as a service, it runs as a app under your user context.
- "Use IIS Express" appears in context menu for project in VS & you can switch from using Cassini to IIS Express. URL Rewrite, FRT, Log files (for use with Log Parser) available with IIS Express
Also see: Free videos from major Microsoft Developer events are archived on Channel9
Comments
Post a Comment