Что такое IIS (Internet Information Services) или Windows Web - альтернативы IIS

IIS , сокращение от Internet Information Services и ранее известный как Internet Information Server, представляет собой веб-сервер от Microsoft, который был разработан для использования с продуктами Windows, начиная с семейства NT.

Этот веб-сервер используется, чтобы помочь пользователям Windows размещать в Интернете различные типы контента, такие как мультимедийные файлы, документы или даже полноценные веб-сайты. В настоящее время самым популярным веб-сервером Windows является Apache, за которым следует IIS, что весьма впечатляет.

Что такое IIS?

IIS - это веб-сервер, с которым легко ознакомиться благодаря интуитивно понятному графическому интерфейсу пользователя (GUI), который позволяет вам управлять веб-сайтами, связанными с сервисом, и связанными с ними пользователями . Графический интерфейс IIS позволяет легко разрабатывать, настраивать, настраивать и публиковать веб-сайты из одного места.

Он имеет встроенный инструмент управления веб-сайтами под названием IIS Manager, который вы можете использовать для настройки таких параметров, как настройки безопасности, параметры производительности, настройки ведения журнала, а также страницы ошибок или значения по умолчанию для администрируемых вами веб-сайтов.

С технической точки зрения IIS довольно универсален, так как он может обслуживать как стандартные, так и динамические веб-страницы без значительных усилий. Таким образом, вы можете использовать его для создания и публикации веб-страниц HTML, но приятно знать, что вы также можете управлять страницами PHP и приложениями ASP.NET.

Благодаря своей гибкости IIS может запускать сценарии и приложения, содержащиеся на динамических веб-страницах, и отображать результаты на экране веб-браузера посетителя. Со статическими веб-сайтами процесс еще проще: IIS просто отправляет HTML-контент и изображения (если есть) в веб-браузер посетителя.

Какова цель IIS?

Благодаря полной поддержке Microsoft и наличию множества дополнительных функций IIS является отличным выбором для создания коммерческих веб-сайтов, таких как электронные магазины или веб-сайты с рекламными портфолио, и управления ими.

Обратной стороной является то, что использование IIS в коммерческих целях также означает, что вам понадобится коммерческая лицензия. Кроме того, цена этого типа лицензии варьируется в зависимости от того, сколько пользователей вы хотите включить.

Итак, мы уже установили, что IIS можно использовать для создания и размещения веб-сайта, а также тот факт, что он поддерживает статический и динамический веб-контент. Однако IIS - это гораздо больше, чем просто это. Например, вы можете использовать встроенную поддержку модулей для расширения функциональности вашего сервера.

На ваш сервер можно установить потоковые модули, чтобы посетители вашего сайта могли получать выгоду от потокового мультимедийного контента. Вы также можете использовать модуль перезаписи URL, который позволяет создавать эффективные правила реализации URL, чтобы посетители могли легко их запоминать, а поисковые системы могли находить их быстрее.

Поэтому само собой разумеется, что если вам нужен быстрый способ создать и опубликовать веб-сайт, IIS - один из лучших способов сделать это. Самым лучшим способом по-прежнему остается Apache HTTP, поскольку он имеет открытый исходный код и позволяет использовать его бесплатно, независимо от количества пользователей.

История версий IIS

Стоит отметить, что изначально IIS задумывался как альтернатива веб-серверу, который разрабатывался как исследовательский проект. Первый проект веб-сервера, подписанный Microsoft, распространялся как бесплатное ПО и был разработан для EMWAC (европейский академический центр Microsoft Windows NT).

Однако, увидев, что сервер EMWAC не может обрабатывать весь объем трафика, который шел на веб-сайт microsoft.com, проект был закрыт, и Microsoft разработала свой собственный веб-сервер в форме IIS.

Один примечательный аспект заключается в том, что большинство версий IIS были выпущены вместе с версией операционной системы Windows или вместе с ней. Конечно же, тогда IIS был просто тенью того, как мы его знаем сегодня; Фактически, каждый выпуск Windows вполне может служить контрольной точкой для эволюции IIS.

• IIS 1.0
  • Первый выпуск IIS
  • Выпущено как бесплатное дополнение для Windows NT 3.51
• IIS 2.0
  • Входит бесплатно в Windows NT 4.0
• IIS 3.0
  • Входит в пакет обновления 2 (SP2) для Windows NT 4.0
  • Добавлена ​​среда динамического сценария Active Server Pages.
• IIS 4.0
  • Выпущено как компонент Option Pack для Windows NT 4.0.
  • Добавлено административное приложение на базе MMC.
• IIS 5.0
  • Входит в состав Windows 2000
  • Добавлен:
    • Новые методы аутентификации
    • Поддержка протокола WebDAV
    • Улучшения ASP
    • HTTP.SYS
  • Удаленный:
    • Поддержка протокола Gopher
• IIS 5.1
  • Входит в состав Windows XP Professional
  • Не сильно отличается от IIS 5.0
• IIS 6.0
  • Входит в состав Windows Server 2003 и 64-разрядной версии Windows XP Professional.
  • Добавлен:
    • Поддержка IPv6
    • Поддержка нового рабочего процесса для повышения надежности и безопасности
    • Введен HTTP.SYS в качестве прослушивателя портов HTTP-запросов.
• IIS 7.0
  • Поставляется с Windows Server 2008 и Windows Vista
  • Добавлен:
    • Новая модульная конструкция для повышения производительности и уменьшения площади атаки
    • Система конфигурации иерархии для упрощения развертывания веб-сайтов
    • Приложение для управления на основе Windows Forms
    • Новые параметры управления из командной строки
    • Лучшая поддержка .NET Framework
  • Измененный:
    • Неограниченное количество разрешенных подключений
    • Количество одновременных запросов ограничено 10 или 3, в зависимости от операционной системы.
    • Разрешает дополнительные запросы и ставит их в очередь, а не отбрасывает их
• IIS 7.5
  • Включен в Windows Server 2008 R2 и Windows 7 (требуется активация вручную из программ и компонентов)
  • Добавлен:
    • Поддержка TLS 1.1 и TLS 1.2
    • Инструмент "Анализатор соответствия рекомендациям"
    • Изоляция процессов для пулов приложений
  • Улучшен:
    • Модули FTP и WebDAV
    • Администрирование из командной строки в PowerShell
• IIS 8.0
  • Доступно исключительно в Windows Server 2012 и Windows 8
  • Добавлен:
    • SNI (привязка имени хоста SSL)
    • Централизованная поддержка сертификатов SSL
    • Инициализация приложения
    • Многоядерное аппаратное масштабирование NUMA
• IIS 8.5
  • Включен в Windows Server 2012 R2 и Windows 8.1
  • Добавлен:
    • Выгрузка страницы незанятого рабочего процесса
    • Расширенное ведение журнала
    • Активация динамического сайта
    • Автоматическая повторная привязка сертификата
    • Ведение журнала ETW
• IIS 10.0
  • Версия 1607
    • Включено в Windows Server 2016 и юбилейное обновление Windows 10
    • Добавлен:
      • Поддержка HTTP / 2
      • Запуск IIS на нано-серверах в контейнерах Windows
      • Новый API управления отдыхом и графический интерфейс управления через Интернет
      • Заголовки хоста с подстановочными знаками
  • Версия 1709
    • Включено в Windows Server версии 1709 и Windows 10 Fall Creators Update
    • Добавлен:
      • Поддержка HSTS
      • Улучшения контейнера
      • 4 новых серверных переменных
      • Site binding PowerShell cmdlets
  • Version 1809
    • Included in Windows Server 2019 and Windows 10 October Update
    • Added:
      • Per-site HTTP/2 and OCSP Stapling control flags
      • Compression API
      • GZIP and brotli support module
      • HSTS configuration module

If you plan on using IIS, try sticking with the latest stable version, as it’s usually the one that has the tightest security and yields the best performance-oriented results, especially if you’re running the latest version of Windows or Windows Server.

How to install IIS?

As we previously stated, you don’t need to install IIS, as it should actually come bundled with your Windows version. If you’re using Windows 10, you should already have some version of IIS 10.0 available on your PC.

However, Microsoft decided not to activate IIS by default, so you’ll need to enable it manually. But don’t worry, it’s not exactly rocket science to get this done. Just follow these steps to activate IIS on your PC:

1. Open your Control Panel
2. Go to Programs and Features
3. Click the Turn Windows features on or off button
4. Check the Internet Information Services box
5. Click the OK button

Now you may want to restart your PC so that your system can load all required configuration files and let you use IIS to its full extent. It may also work without restarting your PC, but rebooting your system after enabling a new feature is never a bad idea.

You can also enable IIS on your computer by using PowerShell. If you never heard of it, PowerShell is a complex tool that many mistake for CMD. PowerShell is way more complex than that, but we won’t get into too much detail. Without further ado, here’s how you can enable IIS on your Windows PC using PowerShell:

1. Launch PowerShell
2. Copy and paste the following command in PowerShell:
   • Enable-WindowsOptionalFeature –online –featurename IIS-WebServerRole
3. Wait for the process to come to an end

As you can see, PowerShell hints that no restart is required after enabling IIS on your Windows 10 PC. If you want to rever the process, you can use the following command to disable IIS using PowerShell:

• Disable-WindowsOptionalFeature –online –featurename IIS-WebServerRole

However, note that for disabling this feature, even PowerShell recommends that you restart your PC. It’s also possible to restart it later, just don’t start any new projects in the meantime.

How does the IIS server work?

First and foremost, it’s worth noting that IIS has its own process engine that can take care of all client-server requests. Therefore, whenever a client sends a request to your web server, IIS processes that request, generates a reply, and sends it to the client.

From an architectural standpoint, this process unfolds on two different layers:

• Kernel Mode – the code can execute any command, given that it has full access to connected hardware, which is precisely why this mode is used exclusively for trusted processes and why crashes in this mode can bring the whole system down. Last, but not least, HTTP.SYS can be found in Kernel Mode.
• User Mode – commands that are executed in this mode don’t interact directly with hardware or reference memory, but employ APIs to do that for them. This mode offers an additional layer to prevent mishandling of the server and mistakes can be easily undone if necessary.

As we’ve mentioned above, you can find HTTP.SYS in the Kernel Mode. HTTP.SYS is used to forward client requests to an application pool. This request forwarding process is initiated whenever the client interacts with the web site’s URL, attempting to access the page. Whenever this happens, HTTP.SYS retrieves the client’s requests and queues them for specific application pools.

After the forwarding of the request, w3wp.exe (the Worker Process) loads the ISAPI filter and either loads HttpRuntime.ProcessRequest by itself, or in conjunction with aspnet_isapi.dll if it’s an ASPX page. The launch of HttpRuntime.ProcessRequest marks the beginning of the processing, after which the HttpRuntime process uses HttpApplication objects to build a pool, the contents of which will be passed through HTTP.

The HTTP modules are then activated, and this process goes on until the request gets to the ASP.NET page’s HTTP handler. After the request gets through the HTTP route, the page starts to be displayed.

What is the Worker Process?

First of all, it’s worth noting that there’s not only one Worker Process. In fact, there are several such entities that ensure the well-functioning of your web server and the content you host on it, whether it’s websites or applications we’re talking about.

So, IIS’s worker processes are in charge of providing us with the execution environment for all applications and websites you’ve previously configured in the IIS. These processes contain several pieces of information that are crucial to the well-functioning of the aforementioned services.

It’s possible that you can make use of the API to retrieve information regarding memory footprint or CPU utilization. These details can help you keep a close eye on the overall health of your web server and its related worker processes.

Last, but not least, you can use the API to terminate worker processes by simply sending a DELETE request to the worker processes endpoint.

What is the Application Pool?

Although the name is somewhat self-explanatory, the purpose of IIS’s Application Pool is far more complex. First and foremost, the Application Pool contains the worker processes, so it’s safe to say that it plays the role of a container. Furthermore, it isolates applications from each other whether they run on the same server or on separate ones, which is contrary to how a pool usually works.

It’s quite important to know that a single application pool can hold several websites. So, in other words, you can say that an application pool is but a set of URLs that have been handled by worker processes. The separation of applications in these pools is justified by the fact that it could significantly simplify management. More so, it is because of this isolation that, in the event of one application pool failing, the other ones can keep going on as usual.

How to configure an IIS server?

You’ve enabled IIS on your computer and you’ve learned a bit about its components, now let’s see how you can properly configure it so you can run your own web server without significant efforts.

1. Press the Win key on your keyboard
2. Type PC and right-click the This PC icon
3. Select the Manage option from the context menu
4. Expand the Services and Applications option
5. Select the Internet Information Services box
6. Click the Web Sites option
7. Right-click the Default Web Site node if the default node hasn’t started for you

As we mentioned a while back, one of the main reasons why people use IIS is for easy web application deployment. IIS and its Advanced Installer feature allow you to configure and deploy web apps on several servers without skipping a beat. You also don’t need to create new configurations for each machine, as IIS can easily take care of that.

If you want to configure a new website, the first thing you’ll want to do is head to the Files and Folders view, where you can manage existing application files or add new ones if you want. Note that you’ll need to place your application files in their individual directory, considering that your website’s admin panel will make use of them later on.

Once you took care of the files, you can move to the IIS Server view, where you can use the New Web Site toolbar to type your new website’s name. What you’ll need to do next is adjust your website’s HTTP/HTTPS settings and consider using SSL for added security. Here’s how you can configure HTTP and SSL for your website or folder:

1. Make sure you’re logged on your PC using the Administrator account
2. Press the Win key on your keyboard
3. Type control and click the Control Panel icon when it appears
4. Go to the Administrative Tools section
5. Select the Internet Information Services (IIS) Manager
6. Choose the website you wish to configure in the left section
7. Right-click the website you wish to configure with SSL
8. Select Properties from the context menu
9. Navigate to the Directory Security tab
10. Select the Edit option
11. Click the Require Secure-Channel (SSL) option
12. Toggle the Require 128-bit encryption option
13. Select Accept client certificates to block users without certificates
14. Select Ignore client certificates to allow connections regardless of certificates

How can I secure an IIS web server with SSL?

SSL, which is short for Secure Sockets Layer, is still one of the best ways to encrypt communications between you and any target website. Remember a while back that many websites made the leap from HTTP to HTTPS? Well, SSL certificates were and still are an essential part of this process.

the good news is that you can deploy SSL to your website quite easily using IIS. On the other hand, you’ll definitely have to purchase a certificate, since they’re the only way your website can be acknowledged as trustworthy from a data encryption standpoint.

Therefore, the first step would be finding an SSL certificate provider and purchase such an item. After the purchase, you’ll receive either a code or a certificate file. In order to configure SSL with IIS we’ll need the certificate file, so make sure you retrieve it before moving on.

Secure IIS web server with SSL

1. Download the certificate file (P7B format) on your PC
2. Start the IIS Manager (type inetmgr in the Run utility on your PC)
3. Select the server you wish to use from the Connections left-side pane
4. Access the Server Certificates option in the central part of the screen
5. Click the Complete Certificate Request hyperlink in the right Actions pane
6. In the newly-opened window click the … button
7. Change the file type from *.cer to *.*
8. Navigate to the location where you downloaded the P7B file on your PC
9. Double-click your certificate P7B file
10. Type a memorable name in the Friendly name field
11. Click the OK button once you’ve finished choosing a name

Now you’ve successfully installed a certificate for your IIS server. However, that’s not nearly enough, as you’ll still have to bind the certificate for your website. By the end of it, you’ll have a secure website with a certificate that’s associated with your website, port, and IP address.

Bind security certificate to the website

1. Launch the IIS Manager
2. Select the website you want to associate with your certificate from the left pane
3. Click the Bindings button in the right-hand Actions pane
4. Click the Add… button in the newly opened window
5. Select HTTPS from the Type combo menu
6. Choose either All Unassigned or the website’s IP address from the IP address menu
7. Type 443 in the port field
8. Select the certificate you installed earlier (it should have the name you chose for it)
9. (Optional) Use the View… button to see some details about your certificate
10. Toggle the Require Server Name Indication option if you host more than one domain on the same IP address and type a name in the Host name field
11. Click the OK button to close the Add Site Binding window
12. Close the Site Bindings window

So we’ve managed to install SSL on your IIS web server and associate it with your website. You can use the steps above to associate certificates with more than just one website if the need arises. However, there’s still one thing we need to do: redirect incoming HTTP traffic to HTTPS, to ensure encryption of our visitors’ traffic.

Redirect HTTP to HTTPS

1. Visit the official URL Rewrite extension page
2. Click the large green Install this extension button
3. Launch the executable and complete the installation of URL Rewrite
4. Run the IIS Manager
5. Select the website you want to redirect traffic for
6. Double-click the URL Rewrite icon in the central section of the screen
7. Click the Add rules button
8. Select Blank rule in the newly opened window (Inbound rules section)
9. Type a name that’s easy to remember in the Name field
10. Set the Requested URL field to Matches the Pattern
11. Choose Regular Expressions in the Using field
12. Type (.*) in the Pattern field
13. Check the Ignore case option
14. Scroll down and expand the Condition section (if needed)
15. Choose the Match All option from the Logical grouping menu
16. Click the Add button
17. Type {HTTPS} in the Condition input field
18. Choose Matches the Pattern from the Check if input string menu
19. Type ^OFF$ in the Pattern field
20. Check the Ignore case option
21. Click the OK button
22. Scroll down and expand the Action section (if needed)
23. Choose Redirect from the Action type menu
24. Type https://{HTTP_HOST}/{REQUEST_URI} in the Rewrite URL field
25. Make sure to uncheck the Append query string
26. Choose Permanent (301) from the Redirect type menu
27. Click the Apply button in the right-hand menu (Actions pane)

That’s it, you’ve now completely implemented SSL on your web server, bound it to your website, and configured the site to redirect incoming HTTP traffic to HTTPS. If done correctly, visitors who try to access your website using HTTP will be automatically redirected to its secure HTTPS counterpart.

What are Virtual Directories?

As we’ve established before, creating and managing a website isn’t the only thing that IIS is capable of doing. You can also create applications, which we already mentioned, but most importantly, you can create virtual directories by simply giving them a name that maps them to a physical directory.

The way this feature works is by letting users access various types of content that are hosted on a server quickly through a direct name. Surely enough, this content could be a website, but it could also be photos, videos, or other types of smaller media files.

Back in the day when IIS 6.0 was all the fuss, virtual applications, and directories were treated as separate objects by IIS. As such, applications consisted of the following elements:

• AppRoot
• AppIsolated
• AppFriendlyName
• AppPoolId

Starting with IIS 7.0, virtual applications and directories are organized within a hierarchy, but they’re still considered to be separate objects. Thus, a website, which is higher in the hierarchy, can contain several applications, or virtual directories that are mapped to a physical location on your PC.

What are log files in IIS?

In IIS log files serve the same purpose they do wherever else you may encounter them. You can use these files to check how things unfolded on your web server, see important events, and, most importantly, understand where things went wrong if any malfunction occurs.

In other words, an IIS log file keeps tabs on everything that happens to your web server, in case you ever need it. A few examples of recorded data include the precise date and time of the events, how much data was transmitted, and the IP addresses related to the events.

Find log files on IIS 7.0 and later

1. Hit the Win key on your keyboard
2. Type control and select Control Panel
3. Double-click the Administrative Tools option
4. Launch Internet Information Services (IIS)
5. Select your website from the left-hand pane
6. Click (or double-click) the Logging icon in the central portion of the screen
7. Identify the Directory dialog box at the bottom of the screen
8. Click the Browse button to reach the location of IIS log files on your system

Find log files on IIS 6.0 and earlier

1. Repeat steps 1-4 from the instructions above
2. Right-click your website
3. Select Properties from the context menu
4. Navigate to the Website tab
5. Access the Active Log Format section
6. Click the Properties button
7. Check the bottom of the screen for the log file directory and names

Can I change ports in IIS?

IIS uses port 80 for all HTTP traffic by default, but that doesn’t mean you can’t change it to another value if you want or need to. Changing to a different port can help you avoid certain firewall-related connectivity issues or dodge attacks that target certain service-port vulnerability combos.

Change default port in IIS

1. Launch the IIS Manager
2. Right-click your website from the left-hand pane
3. Select Properties from the context menu
4. Locate the TCP port field
5. Type the value of the new port in the TCP port field

Since IIS usually uses port 80 by default, there’s no need to specify it whenever you want to test your website’s functionality, for instance, from inside a browser. You just type your domain name and you should be able to access your website without a hiccup.

However, if you insist on changing the default port, you’ll need to specify it each time you’re trying to access your website from a web browser. You can do that by adding :port number (where port number is the actual port you’re using) at the end of your domain name.

If, for instance, we would change the port of our website to, let’s say 2609, accessing it would look like this: Tips.WebTech360.com:2609. Pretty simple, right?

Now if you’re using an older version of Windows, and implicitly an older version of IIS, there are a few things you’ll need to do in a different manner to change the default port. 

Change IIS port on Windows 8.1

1. Locate the Search Box on your homepage
2. Type IIS Manager
3. Select Internet Information Services Manager from the search results
4. Click the Default Web Site in the left-hand menu
5. Select the Bindings option from the right-hand menu
6. Highlight http on the main screen
7. Click the Edit button
8. Type the new value in the Port field
9. Click the OK button and close the window
10. Select the server node in the left-hand section of the IIS Manager
11. Click the Restart Server button in the right-hand sidebar

How can I monitor IIS?

If you’re not exactly a fan of keeping things in order through manual testing and checking log files frequently (we get you), you may want to consider leaning on third-party software solutions that could keep an eye on your IIS web server for you.

SolarWinds Server & Application Monitor

SolarWinds Server & Application Monitor is currently one of the best third-party utilities that can help you monitor your IIS website, server, application, or virtual directory without significant efforts. You just point it to the things you want to keep track of and let it work its magic.

Not only does this tool let you know if your websites and web servers are up and running, but it also provides you with an impressive range of key metrics, including but not limited to CPU, memory & disk usage, and response times.

Furthermore, if there’s something wrong with one of the websites you’re monitoring, SolarWinds Server & Application Monitor can automatically restart it for you in an attempt to fix the issue in a simple manner.

SolarWinds Server & Application Monitor’s screen is split into multiple sections, where you can monitor and analyze your applications and websites, access an overview of your applications’ health status displayed in graph form, and even manage applications at the press of a button.

You can also use this tool to keep track of your SSL certificates‘ expiration dates so that you can always be on top of things when it’s time to renew a soon-to-expire certificate. More so, you can use SolarWinds Server & Application Monitor to manage SSL certificates for several websites or servers for added convenience.

If you’re curious and want to give SolarWinds Server & Application Monitor a try, you’ll be glad to know that there’s a 30-day free trial available, so that you can test run its capabilities before committing to purchasing a license.

What is IIS – Conclusion

To wrap it up, IIS is a handy Microsoft webserver service you can use to create your own server, as well as manage websites, applications, and virtual directories in it without breaking a sweat. It’s currently the second most popular Windows web server in the world, losing first place to Apache HTTP, which is a completely free alternative.

IIS is mainly used to manage commercial websites, which requires you to purchase a commercial license. The price of such a license varies depending on the number of users you plan on having on the website.

Configuring IIS is somewhat intuitive, but you’ll need to be a bit tech-savvy to be able to make out all of its features, understand what each of them does and configure them to get the most out of your web server and associated websites or applications.