Windows Server 2003 includes Internet Information Services (IIS) 6, a radically changed version of Microsoft’s popular web server software. In this chapter, I’ll look at the new features in IIS 6, the individual components and how to administer them, how to automate administration of IIS from the command-line, and some general suggestions for improving the security of IIS and the machine on which it’s running.
Because a picture is worth a thousand words, I’ll start this section with a diagram (Figure 8-1) that shows the architecture and operation of IIS 6, and I’ll describe the internal workings later in this section.
Figure 8-1. IIS 6 architecture
IIS begins with a
listener, which detects
requests for web services and pages; it’s the
foundation of IIS. The listener runs in kernel mode, meaning that it
has more direct ties to the operating system than traditional
programs running in user mode. This means requests are served much
faster and much more efficiently.
When an HTTP request arrives at the HTTP Listener
HTTP.SYS, at the bottom of the figure), it
verifies that the request is valid. If this check fails, the
appropriate HTTP error and code number are sent back to the
requester. If everything checks out,
HTTP.SYS decides if it can handle the request from a cache of recently requested pages and operations. If the response ...