1.4. IIS 7.0 Modules
The modular architecture of IIS 7.0 has been discussed thoroughly at the beginning of this chapter. It is the new architecture that characterizes the web server core engine. Modules or features can be thought of as classes or objects embedding certain functionality that get executed whenever a new request is being processed by the IIS pipeline. Every installed module gets its turn in processing every request entering the IIS 7.0 pipeline.
This modular architecture has several goals, but above all it protects the web server from security attacks. When a small number of modules are installed on the web server, this means there is a lower probability for a security attack on the server, hence lowering the surface attack to hackers. In addition, when a small number of modules are installed, this means less security patches and updates are required for the administrator to maintain. Moreover, being able to customize the web server to this extent gives the administrator the chance of deciding on the role of the web server by installing and uninstalling modules in the way best suited for the role intended for the web server.
IIS 7.0 ships with a set of unmanaged or native modules that are all installed in case of a full installation of the web server. In addition, IIS 7.0 allows you to extend its functionality with managed modules. Each of these modules is discussed in detail.
1.4.1. Unmanaged Modules
The native modules are grouped by functionality. There are HTTP-related ...
Get Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.