IIS includes a robust Web server designed to host both internal intranets and public Internet sites. It works closely with many development tools such as Microsoft's FrontPage. Specific IIS components such as FTP and SMPT are not automatically installed and must be selected through the Windows Components Wizard.
In this section we explore the major administrative aspects associated with host Web services under IIS. One of the best methods of illustrating the ease of IIS operation is to create and configure a Web site.
Here we assume that Web pages have been created with a product such as FrontPage and are ready to be loaded on the Web server for intranet or Internet exposure. Follow these steps to create the site itself:
Open the Internet Information Services snap-in.
Right-click Default Web Server, select New, and then Site. The initial Web Site Creation Wizard screen is displayed (Figure 16.3).
In the Web Site Description Dialog box, type a description of the site.
In the IP Address and Port Settings dialog box (Figure 16.4), enter the IP address to use, the TCP port, the Host Header for this site, and the SSL port. The header is a Web site description. An ISP that is hosting a number of Web sites on one server, for example, might make the header the name of each organization.
In the Web Site Directory Location dialog box, enter the path or click Browse to locate the directory that contains the Web pages.
In the Web Site Access Permissions dialog box (Figure 16.5), check the types of access to be allowed, including Read, Run Scripts, Execute, Write, and Browse.
Click Finish to complete the creation process.
Basic Web site administration can be illustrated by a walk-through of some activities available from the Internet Information Services snap-in.
To view the component parts of a Web site, use either of the methods described in these steps:
Open the Internet Information Services snap-in.
Right-click the desired Web site and select Open or Explore.
Either the My Computer view or the Explorer view of the contents will be displayed. To browse a Web site from the Internet Information Services snap-in, follow steps 1 and 2. Then, in My Computer or Explorer, select Browse.
Permissions for a site are set with the Permissions Wizard as follows:
Open the Internet Information Services snap-in.
Right-click the desired Web site, select All Tasks, and select Permissions Wizard.
In the first dialog box, select either that the permissions should be inherited from a parent Web site or virtual directory or that new permissions be established. If you select the default inherited permissions, a confirmation box (Figure 16.6) lists the settings. If this is satisfactory, select Next, and then Finish to complete the task. If you need to set other permissions that are not represented by that parent Web site or virtual directory, select Cancel and repeat the process.
If new or different permissions are required, select New permission from a template. Two standard templates are available. The Public Web Site option allows all users to browse static and dynamic content. The Secure Web Site option allows only users with a Windows Server 2003 account to do so. If this is satisfactory, select Next and then Finish (see Figure 16.7).
Web site properties can be set on the site and individual page/directory level. Most are configured through the Properties tabs, which are explored in this section. Open the Internet Information Services snap-in, right-click the desired Web site, and select Properties.
The Web Site tab (Figure 16.8) provides text boxes for inputting the site Description, desired IP Address, and designated TCP Port. Connections can also be set to unlimited or to a specific limit on this tab. Selecting the Advanced button allows an extensive set of logging configurations to be established.
The Operators tab (Figure 16.9) allows you to delegate authority over a Web site to specific users and user groups. The Add button adds users and groups; the Remove button deletes them.
The Properties Performance tab (Figure 16.10) is used to set process and bandwidth throttling. In the appropriate box, set the throttling level to establish appropriate limits. Process throttling is based on kilobytes per second. CPU throttling is based on the maximum allowable percentage of CPU resources. The number of anticipated hits measures overall performance based on expected activities.
Internet Services API ISAPI filters can be applied to expand or limit functions and resources (Figure 16.11). Use the Add, Remove, and Disable buttons as appropriate on filters.
The IIS home directory can be on a local computer, at a shared location on a remote computer, or on a redirected URL system. This is determined by the Home Directory tab (Figure 16.12), which also establishes series of permissions and other properties.
Access to a Web site's home page is based on the establishment of a default page. The Documents tab (Figure 16.13) defines the acceptable name of default pages as well as footer information for the entire Web site.
Directory Security (Figure 16.14) is perhaps the most important tab because it permits the editing of anonymous account access and authentication and defines the IP address and domain restrictions. Through the Edit button, access is granted or denied. Secure communication configuration can be set through the Certificate Wizard, which is launched by clicking Server Certificate.
Permission for anonymous access and authenticated access deserves special examination; anytime access to a server is permitted without a password, a system administrator should take heed. When the Edit button is selected, the Authentication Methods dialog box is displayed. This is where anonymous account security can be defined and edited, as shown in Figure 16.15.
The HTTP Headers tab (Figure 16.16) permits configuration of a number of important Web site features. The first part enables content expiration. If it is checked, information posted to the site can be marked for automatic removal, which obviously ensures a more timely Web site. The second part permits HTTP headers to be added, edited, and removed.
Headers are used on multisite Web servers that share one IP address to distinguish one site from another. They can be used with the self-regulating rating system of the Recreational Software Advisor Council (RSAC) to rate sites that contain, for example, adult material, and to warn underage visitors prior to entering the sites.
The third part of this tab establishes MIME file types supported by the Web server.
The Custom Errors tab (Figure 16.17) lists the default set of error messages established by HTTP 1.1 specifications. The Edit Properties button permits these messages to be redefined. Each message is directed to a specific HTML file. If further clarification is required, these files should be modified.
The Server Extensions tab (Figure 16.18) permits the viewing of installed add-ons such as FrontPage Server Extensions. The FrontPage snap-in is used to edit and manipulate those specific extensions. FrontPage Extensions is not automatically installed with the core IIS. It must be added through Control Panel Add Software Windows Components Internet Information Services Details FrontPage Extensions. The tab is displayed only when FrontPage Extensions is installed.
Properties for individual Web pages can be set by right-clicking the targeted document and selecting Properties. This will display four tabs, as shown in Figure 16.19. The File Security, HTTP Headers, and Custom Errors tabs are largely the same as previously described. The File tab designates the file or the source for redirection, the local path, and basic permissions.