Today, the web site is like a window to show the organization to the outside of the world. It is also a platform where the customer and service provider collaborate with each other.
Lecture notes and Study notes
The architecture of IIS is modular, which allows you to install only the components you require to
- conserve server resources,
- maintain peak performance,
- reduce security risks.
Web application: not the same thing as a web site, it runs within the context of a site, but the site can have different areas that do not require the user to interact with any particular web application.
To determine how a user accesses a web application, the web application can be classed into:
- Directory-dependent applications: A directory-dependent application is accessed by directly referring to the directory where it resides within the URL. like: www.google.com/login
- URL-Specified applications: A URL-specified configuration determines the appropriate application to execute by looking at parameters parssed in the URL . www.google.com?uid=1214. If the uid is 0, server will automatically directs the user to the login page. If the uid had been greater than 0, indicating that the user was already logged on, the user may have been redirected to a home page or a welcome page.
- .ASP(classic ASP), ASPX( ASP.NET): Active server pages are one of the most common types of Web application in the Windows Server environment. Most classic ASP files will run as ASP.NET pages.
Content of the IIS role services
- .NET Framework3.5.1: include the Windows Communication Foundation(WCF), Windows Workflow Foundation(WF), and Windows Presentation Foundation(WPF). These create an infrastructure developers can use to create powerful Web applications.
- Web Server support: makes the application server features available to Web applications.
- Com+ network access: enable the application server to host remote invocation of applications built with COM+ or Enterprise Services components. COM(Component Access Model) allows developers to access code from a distributed infrastructure.
- TCP port sharing: allows multiple .NET applications to share the same TCP port.
- Windows process Activation Service Support (WAS) enables the application server or IIS itself to access applications remotely on the network using different types of protocols and services such as TCP activation, HTTP activation, Named Pipes Activation and Message Queuing Activation. This allows application to start and stop dynamically in response to incoming requests.
- Distributed transactions: provides services for transactions over multiple databases on multiple computers on the network.
Application pools isolate your web sites from your web applications. Each application pool contains its own worker processes independent of the other pools, preventing problems with one site or application from creating trouble or performance problems for other sites.
Advanced button on the Properties:
Masquerade domain: This setting automatically changes the From address to the domain entered here. If you want all message from this server to have a consistent domain, you should use this setting.
Smart host: Route all of the mail through another specific SMTP server.
- This can secure multiple SMTP servers by only exposing one for external addresses.
- Also help if the network is not using a static IP address. Mail that comes from a server with a dynamic IP address will generally be flagged as spam on most system today.
Perform reverse DNS lookup on incoming messages: This option cause the SMTP server to perfoorm a reverse DNS lookup to match the user’s domain name against the IP address in the header. This will create more overhead for the server but it decrease the risk of sending spam when message headers been spoofed.
IIS vs Apache.
If we are planning to host website, there are several choices, IIS, Apache, or Nginx.
- Open source, freely distributed. User can edit and tweak performance.
- Excellent security.
- Combined with MySQL database and PHP scripting language.
- Extended functionality: From
- Supports virtual hosting.
- a lot of redundant features are not used in daily basis.
- Process-based server: Each simultaneous connection requires a separate thread, this generates significant overhead.
Have about 29.14% market, the second largest. It only runs and is bundled on windows operating system, however, its free to use.
- Supporting FTP publishing, application request routing, media services and URL rewriting.
- Strong support for Microsoft Product .NET and ASPX.
- Offers in-depth diagnostic tools, such as failed request tracing, request monitoring and runtime data.
- Virtual Hosting support.
- Corporate support.
- Slightly behind apache in terms of performance.
Purpose of the lab in this chapter: Practise how to configure Web server, FTP server, SMTP server, which map to web page service, file service and Email service, respectively. Eventually we have to compare the differences(pros cons) between windows server and linux server. Because no doubt that Linux and Unix is dominating this market nowadays.
Create a Web Application or Page: This lab basic is map a website to a folder, then we can add the files in this folder for the user to browse. Note that, the home page should be named as index.html, index.htm, index.php. Then we can create a simple page to test the functionality of the server:
<h1>Welcome to the test page</h1>
This would be a very useful function for large corporation, different developing department work on different folders, such as css developers, web app developers, graphic designers.
Options dose not provide isolation.
- FTP root directory: Allows all users to access the FTP root folder after logging in.
- User name directory: add a folder whose name is exactly same as user name under site root folder, after logging in, the user will be dropped in the respective folder. But this does not provide isolation, users can browser to upper folders and change the working folder by manual input a folder name.
Options provide isolation.
- User name directory(disable global virtual directories): For domain user: the path is “%domainname%(without .com)/username” . For local user(Basic authentication), the path is “LocalUser/username“. For Anonymous users “\LocalUser\Public“. IIS Manager or ASP.NET custom authentication user accounts “LocalUser\UserName“.User can navigate in their folder, but can not navigate above it or manual to any global virtual directories.
- user name physical directory(enable global virtual directories). The user starts in their home folder but will have access to global virtual directories that you create.
- FTP home directory configured in Active Directory. If a user is a member of the Active Directory Domain. they will start in the folder specified in AD. Can be configured in “Active Directory Users and Computers”, navigate to the domain -> users, in right pane, right click the user “properties”, in the Profile tab, add the path under the “Home folder” tag.
Problem I met: Because my web server is a DC in the domain, the users are all domain user. I tried the “frankfu.com” as the domain folder then create “tom” folder for a user. But always pop the wrong message when I tried to connect to the server. “530 User cannot log in, home directory inaccessible.” I use Procmon to monitor the “srchost.exe” which is listening to FTP service(PID 1500).then I found this record as the picture bellow.so the service suppose to find the path C:\inetpub\ftproot\tom\FRANKFU\Tom\ but my path is C:\inetpub\ftproot\tom\FRANKFU.COM\Tom\ . So change the path, the problem solved!
Webserver market share: http://news.netcraft.com/archives/2015/08/13/august-2015-web-server-survey.html