IIS 7 Web Manager Features

Discussion in 'Windows / IIS' started by vvsharma, Mar 21, 2008.

  1. The following article briefly explains each of the IIS specific features available in the Microsoft IIS 7 Web Manager.
    If you do not have a copy of the Microsoft IIS 7 Web Manager, please see this Knowledge Base article for download links and simple connection instructions.

    Note that any changes made with the Microsoft IIS 7 Web Manager are written in the web.config file, and these settings override the server settings. If you upload a new or different web.config file, you will overwrite any changes made with Microsoft IIS 7 Web Manager.


    Microsoft IIS 7 Web Manager Features:


    A. Authentication

    As shown in the following example, the web.config's application level [identity, authentication] sections and server level security authentication section settings can be managed from this feature within the web manager. By default, the anonymous and basic authentication is enabled, where as ASP.NET impersonation and forms authentication is disabled.

    Example:

    <configuration>
    <system.web>
    <identity impersonate='true' password='valid_password' userName='valid_username'/> <!--Impersonate user from the User/Permission manager in the control panel -->
    <authentication mode='Forms'> <!--Forms Authenication-this requires 'Basic Authentication' as disabled (i.e., Challenge-based) -->
    <forms requireSSL='false'/>
    </authentication>
    </system.web>
    <!--Server level Authentication-->
    <system.webServer>
    <security>
    <authentication>
    <anonymousAuthentication enabled='false'/>

    </authentication>
    </security>
    </system.webServer>
    </configuration>


    B. Authorization Rules

    As shown in the following example, the web.config's server level security authorization section settings can be managed from this feature within the web manager. By default, a rule (Inhrited, but overridable) to allow access to all users to the application web content exists.

    <configuration>
    <system.webServer>
    <security>
    <authorization>
    <add accessType='Allow' roles='Admin' verbs='GET,POST'/> <!--Access rule to allow users with role 'Admin' -->
    <add accessType='Allow' users='User2'/> <!--Access rule to allow user'User2' -->
    <add accessType='Allow' users='?'/> <!--Access Rule to allow all users -->
    <add accessType='Deny' roles='Bad_Users' verbs='GET,POST'/> <!--Access Rule to deny access to all users having roles Bad_Users -->
    </authorization>
    </security>
    </system.webServer>
    </configuration>


    C. Compression

    As shown in the following example, the web.config's urlCompression section setting can be managed from this feature within the web manager. By default, static content compression of http server responses is enabled/dyanmic content compression is disabled at the application level.

    Example:

    <configuration>
    <system.webServer>
    <urlCompression doDynamicCompression='true'/>
    </system.webServer>
    </configuration>


    D. Default Document

    As shown in the following example, the web.config's defaultDocument section setting can be managed from this feature within the web manager. By default, the inherited list is same as the one managed from within the Control Panel's IIS manager(Inherited). Any addition/removal of a default document modifies the application's web.config(local-overridden) and does not change server level setings, therfore these changes are not reflected in the Control Panel's IIS Manager 'Default Documents' section(inherited setting).

    Example:

    <configuration>
    <system.webServer>
    <defaultDocument>
    <files>
    <remove value='index.htm'/> <!--Remove inherited default document entry -->
    <add value='test.aspx'/> <!--Add a local default document entry -->
    </files>
    </defaultDocument>
    </system.webServer>
    </configuration>


    E. Directory Browsing

    As shown in the following example, the web.config's directoryBrowse section setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level and will not be reflected in the Control Panel's IIS Manager 'Directory Browsing' section(inherited setting).

    Example:

    <configuration>
    <system.webServer>
    <directoryBrowse enabled='true' showFlags='Date, Time, Size, Extension'/> <!--Overrides the inherited setting -->
    </system.webServer>
    </configuration>


    F. Error Pages

    As shown in the following example, the web.config's httpErrors section setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level and will not be reflected in the Control Panel's IIS Manager 'Custom Errors' section(inherited setting). This feature can be used to configure HTTP error responses. These error responses can be custom error pages or detailed error messages that contain troubleshooting information. Please remember, that using the detailed error message option will make the custom error pages ineffective.

    Example:

    <configuration>
    <system.webServer>
    <httpErrors>
    <remove statusCode='500' subStatusCode='-1'/> <!--Remove inherited 500 error page setting -->
    <!--Override the inherited 500 error page setting with the '4041.html' as its path-->
    <error statusCode='500' subStatusCode='-1' prefixLanguageFilePath='' path='/4041.html' responseMode='ExecuteURL'/>
    </httpErrors>
    </system.webServer>
    </configuration>


    G. Handler Mappings

    As shown in the following example, the web.config's 'handlers' section setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature can be used to specify the resources, such as DLL's and managed code, that handle responses for specific request types. The 'Revert To Inherited' feature can be used to set the default configuration (This clears the applications web.config (local) 'handlers' settings).

    Example:

    <configuration>
    <system.webServer>
    <handlers>
    <remove name='svc-ISAPI-2.0-64'/> <!--Remove inherited handler Mapping -->
    <!--Override the inherited handler Mapping with a local value i.e., path '*.svc' modified to '*.svcs' this case -->
    <add name='svc-ISAPI-2.0-64' path='*.svcs' verb='*' modules='IsapiModule' scriptProcessor='%SystemRoot%\Microsoft.NET\Framework64\v2.0.50727\aspnet_isapi.dll' resourceType='Unspecified' requireAccess='Script' preCondition='classicMode,runtimeVersionv2.0,bitness64'/>
    <!--Add a new handler mapping for path='*.api' -->
    <add name='Test_Handler_mapping' path='*.api' verb='*' type='System.Web.UI.PageHandlerFactory' resourceType='Unspecified' preCondition='integratedMode'/>
    </handlers>
    </system.webServer>
    </configuration>


    H. Http Redirect

    As shown in the following example, the web.config's httpRedirect section setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature can be used to specify rules for redirecting incoming requests to another file or URL.

    Example:

    <configuration>
    <system.webServer>
    <httpRedirect enabled='true' destination='http://www.microsoft.com' exactDestination='true' childOnly='true' httpResponseStatus='Permanent'/>
    </system.webServer>
    </configuration>


    I. Http Response Headers

    As shown in the following example, the web.config's httpProtocol section(custom headers) setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature can be used to configure HTTP headers to the responses from the Web server.

    Example:

    <configuration>
    <system.webServer>
    <httpProtocol>
    <customHeaders>
    <remove name='X-Powered-By'/> <!-- Removes the inherited http header which was by default inherited-->
    <add name='X-Powered-By' value='ASP.NET2.0'/><!--Replaces the http header removed above with new value(local)-->
    <add name='Test_Key' value='Test_Value'/> <!--Add a new http header entry -->
    </customHeaders>
    </httpProtocol>
    </system.webServer>
    </configuration>


    J. IPv4 Address and Domain Restrictions

    As shown in the following example, the web.config's security section(ipSecurity) setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature can be used to restrict or grant access to web content based on IPv4 addresses(domain names is restircted). The restrictions are set in the order of their priority.

    Example:

    <configuration>
    <system.webServer>
    <security>
    <ipSecurity>
    <add ipAddress='192.168.1.2' allowed='true'/> <!--Ipv4 address to allow explicitly-->
    <add ipAddress='192.168.0.3' allowed='false'/> <!--Ipv4 address to block explicitly-->
    <add ipAddress='192.168.0.0' subnetMask='192.168.3.4' allowed='true'/> <!--Range of Ipv4 addresses to allow explicitly-->
    </ipSecurity>
    </security>
    </system.webServer>
    </configuration>


    K. Mime Types

    As shown in the following example, the web.config's staticContent section(mimeMap) setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature is used to manage the list of file name extensions and the associated content types that are served as static files by the web server. Unless, each of the mime type is manually removed or updated, it will be inherited from the server configuration.

    Example:

    <configuration>
    <system.webServer>
    <security>
    <staticContent>
    <remove fileExtension='.rpm'/> <!--Remove the entry for File extension '.rpm' of mime type audio/x-pn-realaudio-plugin for modification(overrides the inherited mime type)-->
    <remove fileExtension='.aif'/> <!--Remove the entry for File extension '.aif' of mime type audio/aiff(overrides the inherited mime type)-->
    <mimeMap fileExtension='.pak' mimeType='text/xml'/> <!--Add an entry for File extension '.pak' of mime type text/xml-->
    <mimeMap fileExtension='.rpm' mimeType='image/jpeg'/> <!--Update by adding an entry for File extension '.rpm' with mime type text/xml-->
    </staticContent>
    </security>
    </system.webServer>
    </configuration>


    L. Modules

    As shown in the following example, the web.config's 'modules' section setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) level. This feature is used to configure the native and managed code modules that process requestes made to the Web server. The inherited managed modules can be removed/added/updated(This does not apply to the native modules). On the other hand the inherited native modules can be enabled individually. Also the 'Revert to Inhertited' option in the manager can be used to set the module configuration to default(This clears the applications web.config (local) 'modules' settings).

    Example:

    <configuration>
    <system.webServer>
    <modules>
    <remove name='UrlMappingsModule'/><!--Remove the inherited managed module for modification(overrides the inherited managed module)-->
    <add name='UrlMappingsModule' type='System.Test' preCondition='managedHandler'/><!--Add the updated managed module (local to web.config)-->
    <add name='Test_Module' type='System.Web.Mod'/> <!--Add a managed module-->
    </modules>
    </system.webServer>
    </configuration>


    M. Output Caching

    As shown in the following example, the web.config's caching section(profiles) setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature is used to configure output cache settings and to specify rules for caching served content in the output cache.

    Example:

    <configuration>
    <system.webServer>
    <caching>
    <profiles>
    <!--Add Cache Rule with User-Mode Caching enabled/Kernal Cachine disabled and with file change notifications for .aspx extension-->
    <add extension='.aspx' policy='CacheUntilChange' kernelCachePolicy='DontCache' duration='00:00:30'/>
    <!--Add Cache Rule with User-Mode Caching disabled/Kernal Cachine enabled and with file change notifications for .html extension-->
    <add extension='.html' policy='DontCache' kernelCachePolicy='CacheUntilChange'/>
    <!--Add Cache Rule with User-Mode Caching enabled/Kernal Cachine enabled and with file change notifications for .asp extension-->
    <add extension='.asp' policy='CacheUntilChange' kernelCachePolicy='CacheUntilChange'/>
    </profiles>
    </caching>
    </system.webServer>
    </configuration>


    N. SSL Settings

    As shown in the following example, the web.config's security section(access) setting can be managed from this feature within the web manager. This change is made at the application (local-overridden) web.config level. This feature is used to modify the SSL settings for the content of a web site/application.

    Example:

    <configuration>
    <system.webServer>
    <security>
    <access sslFlags='Ssl, SslNegotiateCert' /> <!--Requires SSL with accept client certificate enabled -->
    </security>
    </system.webServer>
    </configuration>

    Vikram

    DiscountASP.NET
    www.DiscountASP.NET

    Post Edited (vvsharma [DASP]) : 3/24/2008 9:13:17 AM GMT
     

Share This Page