Creating a new Website in IIS

When creating a website, a good idea is to place all the files in an easy to find location such as the root of the drive. All Web site files are placed inside a folder. This folder is known as the home folder. The index page (normally the first page that is opened) is known as the Default Document. It is normally called “default.htm”, however this can be changed. Opening the Default Document “default.htm” reveals the website.

Use the buttons below to navigate through the lesson

To publish the Web site, the Internet Information Services (IIS) Manager is used. Click Start. Select Administrative Tools. Select Internet Information Services (IIS) Manager.  The Internet Information Services management console will appear. Expand the Web Sites folder to view what this server contains. The server is currently hosting one Web Site (The Default Web Site). If not used, the site should be deleted. N.B. A server can easily host more than one web site.

The site can easily be deleted by selecting Delete from the right-click context menu. To create a new Web site right-click on the Web Sites folder. Select New > Web Site. The Web Site Creation Wizard will appear. Click on Next to continue. In the Description box type in a description for the new Web site. Click Next to continue.

From the IP address and Port Settings dialog box the IP address for the Web site can be specified as well as the port number. The host header is used to route requests to the particular Web site (in the case where a computer hosts multiple Web sites). To configure the IP address select the appropriate address from the drop down list. Click Next to continue. In the Path box, specify the location of the Web site’s home folder.  Anonymous access can also be disabled by deselecting the Allow anonymous access to this Web site checkbox.

The home folder has been specified as the “website” folder on the “C:” drive. Click Next to continue. In Web Site Access Permissions, select check boxes for the access your users will require. Usually the default settings are suitable for most Web Sites. Click Next to continue. The Web Site has now been successfully created. Click on Finish to close the Wizard.

The new Web Site appears in the IIS management console. The Web Site can now be accessed from another connected computer by using the server’s URL “http://server”.

Managing a Web Site

Right-click on the new Web Site to configure it. Select Properties. The description of the Web Site appears in the Web Site Properties Windows. The IP address and port number associated with the site can also be configured from here. The TCP Port box specifies which port will be used to respond to HTTP requests. The default TCP port for HTTP requests is port 80. If a different port is specified then clients connecting to the Web site must specify the correct port. Additional IP Addresses, Ports and Host Headers can be added by selecting the Advanced button. The Connection Timeout is used to specify how long an inactive user can stay connected to the Web site before the connection is terminated.  If the HTTP Keep-Alives Enabled option is enabled then the client will maintain an open connection with the server, as opposed to opening a new connection for every client request. This can improve performance for the client but degrade server performance.

The Enable Logging checkbox allows you to enable logging events pertaining to this Web Site. Performance Related Settings can be configured from the Performance Tab. Bandwidth throttling allows you to configure how much bandwidth is allowed for this site. The number of simultaneous connections can also be limited. Internet Server Application Programming Interface ISAPI filters can be configured through this tab. ISAPI filters direct Web browser requests for specific URLs to specific ISAPI applications. ISAPI filters can be used to manage customized logon authentication.

Content location, access permissions and application settings can be configured through the Home Directory Tab. The home directory contains all the files needed for the website. The location of the home directory can be specified here. Access permissions are used to define what access users have to the Web Site. By default, users have Read-Only access, and logging and indexing are enabled.

Access Permissions

Write Allows users to access source code for scripts
Read Allows users to read or download files located in the website’s home folder.
Script Source Access Allows users to modify or add to your Web Content. This option should be used with caution.
Directory Browsing Allows users to view Web site directories
Log Visits Allows visits to the Web site to be logged. To use this feature logging must be enabled on the Web Site Tab.
Index This Resource Allows you to index your home folder with the Microsoft Indexing Service.

Application Settings configures applications(!) The Execute Permissions settings specifies how applications can be accessed within this folder. If This can be set to None, Scripts Only, or Scripts and Executables, which allows all file types to be executed.

The Application Pool options specifies which Application Pool applications from this Web Site will run in. Application Pools are used to control memory and processor usage for Web Services. Using a default document allows users to access the Web Site without specifying a document name. This is normally set as the web site’s home page. Multiple documents can also be specified. In this case if the first document is unavailable then the next document in the list will be accessed. A Document Footer can also be specified. This is an HTML document which will appear at the bottom of each Web page sent to clients. Security can be configured through the Directory Security Tab. Security is dealt with in a later section.

The HTTP Headers Tab configures values that will be returned .to Web Browsers in the HTML headers of the Web Pages. If the Web site contains data that is time-sensitive then an expiration date can be set for the data. This helps browsers to determine whether it should use a cached copy of the page or whether it should request a new copy from the Web server.

Custom HTTP headers can be used to send customized HTTP headers from the Web Server to the client’s browser. Content ratings allows you to specify restrictions if the site contains violence, sex, nudity or adult language. Web Browsers can be configured to block web sites based on this rating. MIME (Multipurpose Internet Mail Extensions) maps are used to configure Web Browsers so that they can view files that have been configured using different formats.

Using the Custom Errors Tab a page can be displayed when the Web Browser encounters an error. Error pages can be created using HTML and mapped to a specific HTML error. Similar options can be configured for every site on the Web Server. Specific Web Site settings override Web Server Settings. To configure these global options, right-click on the Web Sites Folder. Select Properties. Options can now be configured for the Web Server and all the sites it contains.