The modular architecture of IIS 7.0 has been discussed thoroughly at the beginning of this chapter. It is the new architecture that characterizes the web server core engine. Modules or features can be thought of as classes or objects embedding certain functionality that get executed whenever a new request is being processed by the IIS pipeline. Every installed module gets its turn in processing every request entering the IIS 7.0 pipeline.
This modular architecture has several goals, but above all it protects the web server from security attacks. When a small number of modules are installed on the web server, this means there is a lower probability for a security attack on the server, hence lowering the surface attack to hackers. In addition, when a small number of modules are installed, this means less security patches and updates are required for the administrator to maintain. Moreover, being able to customize the web server to this extent gives the administrator the chance of deciding on the role of the web server by installing and uninstalling modules in the way best suited for the role intended for the web server.
IIS 7.0 ships with a set of unmanaged or native modules that are all installed in case of a full installation of the web server. In addition, IIS 7.0 allows you to extend its functionality with managed modules. Each of these modules is discussed in detail.
The native modules are grouped by functionality. There are HTTP-related ...