Bobcares
Client Area
Emergency Support
Server Administration | VMware

A First Look at IIS 7

by | Jun 21, 2009

Author

Over the years, the structure of IIS has undergone several changes. IIS 7.0, which is the most recent edition of it, is quite different from IIS 6.0. However, though the code base has been completely rewritten, most of the concepts are still the same.

A marking difference that any newbie would note about IIS 7 is its modular structure. Let me take you across the basic architecture of IIS 7 through this article.

This will get you an idea about the following areas:

  • Basic architecture of IIS 7
  • New configuration structure of IIS 7 (Various configuration files and its uses)
  • Modular structure of IIS 7
  • HTTP Request Processing in IIS 7.0

The basic functionality of the IIS web server is broken into 3 parts.

http.sys: It is a kernel mode driver that listens to port 80 for incoming web requests and then passes those requests to the IIS core.

svchost.exe: It’s function includes identifying specific website destinations, managing resources, execution of relevant worker processes that are used to handle requests.

w3wp.exe: It handles all the remaining request processing.

 

If you are familiar with IIS 6, then you will notice that the basic structure of IIS 7 is same as that of IIS 6. The major difference lies in the implementation of the worker processes. Even though the application pools executes requests independently, the way in which the worker processes handle the requests is entirely new.

In the new architecture, every piece of functionality that was earlier handled by the worker process is now delegated to a module which can be enabled or disabled as per our wish.

By default, IIS includes more that 40 individual modules. You can create a perfectly functional web server with a handful of default modules.

image

IIS 7 allows the services that are provided by both native and managed modules to apply to all requests, with no regard to the handler.

We will come back to this with a simple example of enabling modules per server and in sites. For the time being, I will focus on the configuration changes in IIS 7 with respect to its earlier editions.

In IIS 6, ASP.NET was included as an ISAPI filter and its requests exited the pipeline, to be processed by the aspnet.dll (ASP.NET processing pipeline). It was then returned to the core IIS processing pipeline for further processing.

In the architecture of IIS 7, ASP.NET plays a much larger role that ever before. Here the ASP.NET processing pipeline is included with the core IIS processing pipeline. The performance of ASP.NET is also improved, since the ASP.NET application does not need to exit the pipeline and then load the ISAPI process in order to handle the ASP.NET requests. This tight integration of ASP.NET means that, its specific features such as authentication can be now used with any kind of files, such as HTML, Perl etc.

The decision that led to the new configuration structure was a battle between IIS and ASP.NET. In the end, the IIS development team decided to make ASP.NET configuration structure as a new standard. The old metabase configuration structure is now replaced with the XML based method. This is indeed a welcome change for those who are familiar with ASP.NET. The bottom line is that the web.conf files of the websites and the applications now control both IIS and ASP.NET configuration.

Machine.config       %windir%\Microsoft>NET\Framework\<version>\config\
It contains most of the .NET Framework sections and settings. This isn’t new to IIS 7.0.

web.config(root)       %windir%\Microsoft>NET\Framework\<version>\config\
This also contains most of the .NET Framework sections and settings. Again, this isn’t new to IIS 7.0.

applicationHost.config      %windir%\system32\inetsrv\config
It contains the IIS global web server configuration sections and site settings that use location tags.

administration.config       %windir%\system32\inetsrv\config
It contains the configuration of IIS manager and IIS manager users.

redirection.config      %windir%\system32\inetsrv\config
web.config(site)       Web site root path.
It contains the ASP.NET or IIS settings for the site.

web.config(application)     Web site application path
It contains the ASP.NET or IIS settings for the application.

By now, you should be familiar with the configuration structure of IIS7. Let me now explain the modular structure of IIS 7 with a simple example of enabling / disabling modules per server and on site basis.

Suppose, I am configuring a web server capable of hosting only plain old HTML web sites and I do not want to host any sites which needs application processing. In this case, I need to only enable the following modules.

  • StaticFileModule – It provides the access to the file system.
  • AnonymousAuthenticationModule – It defines the user credentials that are needed to access the file system.

 

In addition to these 2 modules, I am also enabling following two:

  • DefaultDocumentModule – It adds the default document to the incoming request URL, when a document name is not explicitly requested.
  • StaticCompressionModule – It is to reduce bandwidth usage while accessing images and static content.

 

image

In the new architecture, every piece of functionality that was earlier handled by the worker process is now delegated to a module which can be enabled or disabled as per our wish.

Let’s now see how we can achieve the configuration task.

 image Start off by creating a backup of the system configuration.

 %windir%\system32\inetsrv\appcmd add backup original

 image You can restore the configuration to its original state by executing the following command.

 %windir%\system32\inetsrv\appcmd restore backup original

 image Open %windir%\system32\inetsrv\config\applicationhost.config. Find the section for HTTP modules and replace the contents with the following:

<modules>
<add name=" StaticFileModule" />
<add name="AnonymousAuthenticationModule" />
<add name="DefaultDocumentModule"/>
<add name="StaticCompressionModule"/>
</modules>

 image Now, restart the IIS service.

The customization that we have just displayed will affect the entire webserver. However, it is rare to see all the websites on a given server have identical functional requirements. But, it is possible to customize the module configuration for individual websites. If you need to configure a website to load only StaticFileModule, AnonymousAuthenticationModule and DefaultDocumentModule, do the following:

Create a web.config file in the web root of the site with the following contents:

<? xml version="1.0" encoding="UTF-8?>
<configuration>
     <system.webserver>
          <modules>
             <clear/>
            <add name=" StaticFileModule" />
            <add name="AnonymousAuthenticationModule" />
            <add name="DefaultDocumentModule"/>
            </modules>
      </system.webserver>
</configuration>

NB: By default, the worker process of this website will inherit all the modules from the <modules> section of applicationhost.config file. The <clear/> tag will block the inheritance of the default <modules> configuration that is defined in applicationhost.config file.

By now, you should be having a fair understanding of the configuration structure and modular nature of IIS 7. Let’s now check out the request processing in IIS 7. We can briefly illustrate it as follows:

 

  • HTTP.sys intercepts the incoming HTTP request.
  • The HTTP.sys contacts WAS( Windows Activation Service) to obtain the information from the configuration store (applicationHost.config)
  • WAS obtains the configuration information from the applicationHost.config.
  • The WWW Service receives the configuration information which includes the application pool and site configuration.
  • The WWW Service then configures HTTP.sys using this configuration information.
  • The WAS then starts the corresponding worker process to which request was made.
  • The worker process is responsible for processing the request and giving the response to HTTP.sys.
  • The response is then sent back to the client.

 

The main benefits of integrating the ASP.NET runtime with the core web server in IIS 7 are as follows:

  • It allows the services that are provided by both native and managed modules to apply to all requests, with no regard to the handler.
  • It empowers the ASP.NET components to provide functionalities that was previously unavailable to them because of their placement in the server pipeline.
  • It provides a single place to implement, configure, monitor and support server features.

 

I hope this article has helped you get familiarized with IIS 7 and also in devolving an interest to learn more about it.. So, now get started with IIS 7.0, which provides you a secure, easy way to manage web platforms for reliably hosting rich web applications and web services.

About the Author :

Hari Vishnu, Software Engineer has been working with Bobcares for more than an year now. He has expertise in both Windows and Linux server Administration, and he is considered to be a master when it comes to Windows servers. Apart from the technical side, he has gained a reputation as a gifted stage performer too.

Related posts:

  1. How to fix “HTTP/1.1 New Session Failed” error in Odin Plesk Windows Virtuozzo VPS servers
  2. Secure your Windows 2003 and 2008 servers from WannaCry ransomware
  3. Are your servers secure against Petya Ransomware attack?
  4. How to Block IPs in Windows Firewall : Easy method!

1 Comment

  1. Tharun
    Tharun on 2009-07-02 at 04:27

    good one.. 🙂

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. How to fix “HTTP/1.1 New Session Failed” error in Odin Plesk Windows Virtuozzo VPS servers
  2. Secure your Windows 2003 and 2008 servers from WannaCry ransomware
  3. Are your servers secure against Petya Ransomware attack?
  4. How to Block IPs in Windows Firewall : Easy method!

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF