What you need to know about IIS 7

Microsoft Corp.'s Internet Information Server or IIS is tending to grow like a long-lasting wine: the longer it stays, the better. IIS 4 is a disaster, IIS 5 is basically an open door if using a public-facing web service. But IIS 6 is really a breakthrough, satisfying the implementation and security requirements.

However, the Microsoft IIS program building team is still not satisfied. They consider each rewrite of the Windows operating system on the server an opportunity to review the basic assumptions about the structure of IIS.

IIS 7 is the result of that great effort. Improvements in IIS 7 focus around the use of modular design models, easy management functions, and enhanced security. Let's compare IIS 7 with previous versions and see what you need to know when considering IIS 7.

Modular design model

IIS 7 offers a modular model, a concept that does not seem very popular compared to the Apache Web server software. The modular structure provides the ability to operate separately for each part of IIS. This means that these components can almost be loaded in any dependency link. You can only allow the modules that are most needed on the server to run, the remaining modules can be left idle: unload, untouch.

This is a great improvement in security because fewer modules will have fewer attacks, due to fewer vulnerabilities. In addition, you can see that IIS 7 is much more compact than before.

The modular structure also has many extended features. You can write custom code and integrate yourself into IIS's internal workflow, which is easy to implement when you need it. Modules can be set to enable and disabled (not used). You are not limited to configuring the server during the installation time, you can change some IIS 7 components in most of its operating areas at the user interface. We will look into this issue further in the next section.

Advanced management functions

You may already be familiar with the Management Console interface of IIS 6, which is no different from IIS 5 and nothing much from IIS 4. IIS7 basically eliminates user interface and build structure. new management structure at the beginning of the program. There are a lot of hooks for developers to create code that synthesizes, extending the interface with the functions they write themselves.

This interface is designed to be balanced with the appearance of previously hidden components. It still provides effective access to common functions. These functions are mainly used in Web hosting activities, serving thousands of websites per unit of time.

Figure 1 - IIS Manager Console

What you need to know about IIS 7 Picture 1

A screen frame on the desktop

The Tasks pane appears as soon as you open a window and it contains quick access to common functions in a certain area of ​​IIS Manager.

You can use the familiar tree interface in the left pane, but with IIS 7, the central framework has been completely redesigned, with more options presented logic than previous versions. For previous versions, you had to click around a lot of tabs to find out which controller you want to change or disable. Meanwhile, IIS 7 allows you to save time and effort by gently clicking on a search directly on the central frame.

Another important component in IIS 7 is the ability to manage a website based on the 'web.config' text-file background, corresponding to the way in Apache. All settings for a website can be edited directly inside a text file without opening the user interface. This makes it very easy to duplicate a website's configuration between multiple servers.

In addition, you can assign access to a website's configuration information to a specific web.config file. Moderators can use web.config access to manage activities on their own website without needing the root administrator.

Upgrade security

IIS 6 is known for its high security enhancements through Swiss components already available from IIS 5 and Microsoft hoping that IIS 7 will continue to follow that trend. Most companies use IIS with web applications based on .Net. IIS 7 is even bundled in a more compact framework, it uses .Net applications directly inside the IIS process core, not routing these applications to the Internet Server Application Programming extension. Interface .

IIS 7 demonstrates the consistency of Active Server Pages .Net with IIS. Forms of appraisal are increasingly richer in content. Currently the authentication function is not only encapsulated in one type of .Net application, but also expanded with the data stored in the database you provide.

In addition, URLScan functions are integrated in IIS naturally. It will filter web requests and handle requests that have nefarious purposes or want to exploit security holes. IIS 7 also has many improvements in the Longhom Server service, providing multiple tables, making the system and services more secure.