--------------------------------------------------------------------------------
Acknowledgments xix
Introduction xxi
PART 1 MICROSOFT WINDOWS SERVER 2003 WEB ADMINISTRATION FUNDAMENTALS
1
Overview of Microsoft Web Services 3
Introducing IIS 6 4
IIS 6 Request Processing Architecture 4
IIS 6 Security Architecture 5
Additional IIS 6 Features 6
Choosing Appropriate Web Server Hardware 8
Choosing the Server Operating System 9
Working with IIS 6: What You Need to Know Right Now 10
Installing Web and Application Server Components and Default Sites 11
Installing Internet Services and Service-Related Accounts 14
Web Administration Tools and Techniques 16
Managing Resources with Key Administration Tools 16
Installing Administration Tools 17
Web Administration Techniques 18
2
Core IIS Administration 23
Understanding the IIS Architecture 23
Understanding and Using IIS 5 Isolation Mode 24
Understanding and Using Worker Process Isolation Mode 27
Working with IIS and URLs 29
IIS and Application Server Snap-In Essentials 32
Starting and Using the Internet Information Services (IIS) Manager Snap-In 32
Connecting to Other Servers 34
Starting, Stopping, and Restarting All Internet Services
35
Starting, Stopping, and Pausing Individual Resources 37
Rebooting IIS Servers
38
Managing IIS Services 39
Key IIS Services
40
Starting, Stopping, and Pausing IIS Services 40
Configuring Service Startup 41
Configuring Service Recovery
42
PART 2 WEB SERVER ADMINISTRATION
3
Configuring Web Sites and Servers 47
Web Site Naming and Identification 47
Understanding IP Addresses and Name Resolution 47
Understanding Web Site Identifiers 49
Hosting Multiple Sites on a Single Server 49
Checking the Computer Name and IP Address of Servers 52
Managing Global Web Site Properties 53
Creating Web Sites
54
Managing Web Site Properties
58
Configuring a Site's Home Directory
58
Configuring Ports, IP Addresses, and Host Names Used by Web Sites 59
Configuring Multiple Identities for a Single Web Site
61
Restricting Incoming Connections and Setting Time-Out Values
62
Configuring HTTP Keep-Alives 63
Managing Directories 64
Understanding Physical and Virtual Directory Structures 64
Creating Physical Directories 65
Creating Virtual Directories 66
Modifying Directory Properties 67
Renaming Directories 67
Deleting Directories 68
4
Customizing Web Server Content 69
Configuring Web Service Extensions 69
Using Web Service Extensions 70
Allowing and Prohibiting Web Service Extensions 71
Managing Web Content 71
Opening and Browsing Files 72
Modifying the IIS Properties of Files 72
Renaming Files 72
Deleting Files 73
Redirecting Browser Requests 73
Redirecting Requests to Other Directories or Web Sites 73
Redirecting All Requests to Another Web Site 74
Retrieving Files from a Network Share 75
Redirecting Requests to Applications 76
Customizing Browser Redirection 77
Customizing Web Site Content and HTTP Headers 79
Configuring Default Documents 79
Configuring Document Footers 79
Using Content Expiration and Preventing Browser Caching 80
Using Custom HTTP Headers 82
Using Content Ratings 83
Customizing Web Server Error Messages 83
Understanding Status Codes and Error Messages 84
Managing Custom Error Settings 87
Using MIME and Configuring Custom File Types 89
Understanding MIME 89
Viewing and Configuring MIME Types for All Web Sites on a Server 91
Viewing and Configuring MIME Types for Individual Sites and Directories 92
Additional Customization Tips 93
Using Update Sites to Manage Outages 93
Using Jump Pages for Advertising 95
Handling 404 Errors and Preventing Dead Ends 95
5
Running IIS Applications 97
Essentials for Working with IIS Applications 98
Understanding ISAPI Applications 98
Understanding ASP Applications 100
Understanding ASP.NET Applications 102
Defining Custom Applications 104
Using and Running Applications 105
Managing Custom IIS Applications 109
Creating Applications 110
Configuring Application Mappings and Caching 111
Managing Session State 115
Controlling Application Buffering 117
Setting Parent Paths, Default ASP Language, and ASP Script Time-Out 118
Enabling and Disabling Application Debugging 119
Configuring Application Error Messages 119
Unloading IIS 5 Isolated Applications 120
Deleting IIS Applications 120
Managing Custom ISAPI Filters
120
Viewing and Configuring Global Filters 120
Viewing and Configuring Local Filters 121
6
Managing ASP.NET, Application Pools, and Worker Processes 123
Managing ASP.NET 123
Installing ASP.NET 123
Running Side-by-Side ASP.NET Configurations 125
Defining ASP.NET Directory Structures and Applications 126
Working with the Assembly Cache 128
Deploying ASP.NET Applications 129
Uninstalling ASP.NET Versions 129
Working with Application Pools 130
Creating Application Pools 131
Assigning Applications to Application Pools 132
Configuring Application Pool Identities 132
Starting, Stopping, and Recycling Worker Processes Manually 134
Configuring Multiple Worker Processes for Application Pools 136
Configuring Worker Process Recycling 138
Recycling Automatically by Time and Number of Requests
138
Recycling Automatically by Memory Usage 140
Maintaining Application Health and Performance
141
Configuring CPU Monitoring
141
Configuring Failure Detection and Recovery
142
Shutting Down Idle Worker Processes
144
Limiting Request Queues
145
7
Managing Web Server Security 147
Managing Windows Security 147
Working with User and Group Accounts
148
IIS User and Group Essentials
148
Working with File and Folder Permissions
154
Working with Group Policies
158
Managing IIS Security
164
Setting Web Server Permissions
164
Configuring Distributed Authoring and Versioning 168
Setting Authentication Modes
170
Configuring IP Address and Domain Name Restrictions 174
More Tips for Enhancing Web Server Security
176
Using Firewalls
176
Renaming the Administrator Account
177
Disabling the Default Web Site
177
Disabling Remote Administration from the Web
177
Disabling Directory Browsing
178
Creating Legal Notices
178
Applying Service Packs, Hot Fixes, and Templates 178
Checking for Malicious Input in Forms and Query Strings
180
Removing Unused Application Mappings
181
8
Managing Microsoft Certificate Services and SSL 183
Understanding SSL
183
Using SSL Encryption
183
Using SSL Certificates
185
Understanding SSL Encryption Strength
186
Working with Microsoft Certificate Services
187
Understanding Certificate Services
187
Installing Certificate Services
189
Accessing Certificate Services in a Browser 191
Starting and Stopping Certificate Services
193
Backing Up and Restoring the CA
194
Configuring Certificate Request Processing 196
Approving and Declining Pending Certificate Requests 197
Generating Certificates Manually in the Certification Authority Snap-In
198
Revoking Certificates 198
Reviewing and Renewing the Root CA Certificate
200
Creating and Installing Certificates
201
Creating Certificate Requests
202
Submitting Certificate Requests to Third-Party Authorities
205
Submitting Certificate Requests to Certificate Services 207
Processing Pending Requests and Installing Site Certificates
209
Deleting Pending Certificate Requests
209
Working with SSL
210
Configuring SSL Ports
210
Adding the CA Certificate to the Client Browser's Root Store
212
Confirming that SSL Is Correctly Enabled
213
Resolving SSL Problems
214
Managing Site Certificates in the IIS Snap-In
215
Viewing and Modifying Issued Certificates 215
Renewing, Removing, and Replacing Certificates
217
Exporting Site Certificates
217
Ignoring, Accepting, and Requiring Client Certificates
218
Requiring SSL for All Communications
219
PART 3
ESSENTIAL SERVICES ADMINISTRATION
9
Managing FTP Servers 223
Understanding FTP 223
FTP Essentials
223
Controlling FTP Server Access
224
Working with FTP Sessions 225
FTP Site Naming and Identification 228
FTP User Isolation for Busy Upload Sites 228
FTP Site Operators
230
Managing Global FTP Service Properties 230
Creating FTP Sites
231
Creating Non-Isolated FTP Sites 231
Creating Isolated FTP Sites Without Active Directory 234
Creating Isolated FTP Sites with Active Directory 235
Managing FTP Sites 236
Configuring an FTP Site's Home Directory 236
Configuring Ports and IP Addresses Used by FTP Sites
237
Restricting Incoming Connections and Setting Time-Out Values
238
Creating Physical Directories for FTP Sites 239
Creating Virtual Directories for FTP Sites 240
Redirecting Requests to a Network Share
241
Setting the Directory Listing Style
242
Setting Banner, Welcome, Exit, and Maximum Connections Messages
242
Managing FTP User Sessions
243
Viewing FTP User Sessions 243
Viewing the Total Number of Connected Users
244
Terminating FTP User Sessions
245
Managing FTP Server Security
245
Managing Anonymous Connections 246
Configuring Windows Permissions on FTP Servers 248
Configuring FTP Server Permissions
248
Configuring IP Address and Domain Name Restrictions
251
10
Configuring and Maintaining E-Mail Services 253
Using Mail Services
253
Understanding E-Mail Domain Usage
254
Understanding the Mail Root 256
Understanding Mail Processing
257
Starting, Stopping, and Pausing E-Mail Services
258
Core SMTP Administration
259
Creating SMTP Virtual Servers
260
Configuring Ports and IP Addresses Used by SMTP Servers
261
Configuring Multiple Identities for SMTP Virtual Servers
263
Monitoring SMTP Virtual Server Health
264
Managing User Sessions
264
Configuring SMTP Service Domains
265
Viewing Configured Service Domains
265
Working with Local Domains
266
Working with Remote Domains
268
Configuring Smart Hosts for Remote Domains
273
Renaming and Deleting SMTP Service Domains
274
Core POP3 Administration
275
Configuring POP3 E-Mail Client and Server Authentication
275
Configuring POP3 Port Settings
278
Configuring the POP3 Root Mail Directory 278
Working with POP3 Domains
279
Working with Mailboxes
282
11
Advanced E-Mail Service Configuration Options 287
Securing Incoming Connections
287
Securing Access by IP Address, Subnet, or Domain 287
Controlling Secure Communications for Incoming Connections
289
Controlling Authentication for Incoming Connections
290
Restricting Incoming Connections and Setting Time-Out Values
291
Securing Outgoing Connections
292
Configuring Outbound Security
293
Controlling Outgoing Connections 294
Configuring Outgoing Message Limits for SMTP
295
Handling Non-Delivery, Bad Mail, and Unresolved Recipients
297
Setting and Removing Relay Restrictions
297
Managing Message Delivery 299
Setting Outbound Retry Intervals, Delay Notification, and Expiration Time-Out
299
Setting Message Hop Count 301
Setting Domain Name Options
302
Configuring Reverse DNS Lookups
303
Routing Outgoing Messages to Smart Hosts 304
12
Administering the Indexing Service 305
Getting Started with the Indexing Service
306
Using the Indexing Service
306
Indexing Service Essentials
308
Searching Catalogs
312
Core Indexing Service Administration
313
Setting Web Resources to Index
313
Viewing and Creating Catalogs
314
Viewing Indexing Status
316
Starting, Stopping, and Pausing the Indexing Service
317
Setting Indexing Service Properties
317
Optimizing Indexing Service Performance
319
Managing Catalogs
321
Viewing Catalog Properties and Directories Being Indexed
322
Adding Physical Directories to a Catalog
322
Forcing Full and Incremental Directory Rescans
323
Starting, Stopping, and Pausing Individual Catalogs 324
Merging Catalogs
325
Specifying Web or NNTP Sites to Include in Catalogs
325
Testing Catalogs with Queries
326
Finding and Resolving Catalog Problems
327
Limiting or Preventing File and Directory Indexing 328
PART 4 PERFORMANCE, OPTIMIZATION, AND MAINTENANCE
13
Performance Tuning and Monitoring 331
Monitoring IIS Performance and Activity
331
Why Monitor IIS?
331
Getting Ready to Monitor
332
Monitoring Tools and Resources
333
Detecting and Resolving IIS Errors
334
Examining the Access Logs
334
Examining the Windows Event Logs
335
Monitoring IIS Performance
338
Choosing Counters to Monitor
339
Creating and Managing Performance Logs
344
Replaying Performance Logs 349
Configuring Alerts for Performance Counters 350
Tuning Web Server Performance
352
Monitoring and Tuning Memory Usage
352
Monitoring and Tuning Processor Usage
356
Monitoring and Tuning Disk I/O
358
Monitoring and Tuning Network Bandwidth and Connectivity
359
14
Tracking User Access and Logging 363
Tracking Statistics: The Big Picture 363
Working with the NCSA Common Log File Format 365
Working with the Microsoft IIS Log File Format
369
Working with the W3C Extended Log File Format 370
Working with ODBC Logging
373
Working with Centralized Binary Logging
374
Understanding Logging
375
Configuring Logging for HTTP, SMTP, and FTP 377
Configuring NCSA Common Log File Format 377
Configuring Microsoft IIS Log File Format 378
Configuring W3C Extended Log File Format 380
Configuring ODBC Logging 382
Configuring Centralized Binary Logging
386
Disabling Logging
386
15
IIS Optimization and the Metabase 387
Strategies for Improving IIS Performance 387
Removing Unnecessary Applications and Services 387
Optimizing Content Usage 388
Optimizing ISAPI, ASP, and ASP.NET Applications 390
Optimizing IIS Caching, Queuing, and Pooling 391
Configuring Automatic Restarts of IIS 393
Managing IIS Registry Settings 394
Working with the Registry 394
Controlling IIS Through the Registry
395
Controlling the Indexing Service Through the Registry 396
Controlling Secure Sockets Layer Through the Registry 398
Managing IIS Metabase Settings 398
Examining and Editing the Metabase
398
Modifying Metabase Properties
401
Scripting the Metabase 403
16
IIS Backup & Recovery 407
Backing Up the IIS Configuration 407
Understanding IIS Configuration Backups
408
Understanding IIS Metabase History 409
Creating IIS Configuration Backups
410
Restoring IIS Server Configurations 411
Rebuilding Corrupted IIS Installations 412
Restoring Site Configurations
413
Restoring Virtual Directory Configurations 414
Restoring Application Pool Configurations 414
Deleting Server Backup Configurations 415
Backing Up and Recovering Server Files 415
Setting Default Options for Backup 417
Backing Up Server Files 419
Recovering Server Files 422
INDEX 425
