Get documents about "IST360 - Configuring a Web Server.ppt - NAIT
Document Sample
Configuring an IIS Web Server
IST360 – Textbook pgs. 305-353
Objectives
Describe how a web server works
List the two most common web servers
Determine how to host multiple web sites
on a single web server
Understand the use and set-up of Virtual
Directories
Understand the use of different web server
authentication methods
How a web server works
The main purpose of a web server is to
send HTML documents to a browser
This is typically accomplished via either
HTTP or HTTPS protocols
The two most common web server
platforms are Apache and IIS
Just over half of all web servers run on
Apache (check out current percentages at
www.netcraft.com )
Understanding HTTP
HTTP is a stateless protocol (each web page
sent is independent of any other)
HTTP version 1.1 allows for persistent
connections.
This allows the browser to receive multiple files
for each TCP connection (used when a web
pagehaspictures,etc…)
HTTP headers contain information such as
version and platform of the web server,
server date and time, and the last time the
file was updated.
Features of Apache Web Server
Apache web server can run under LINUX,
UNIX, or even Window$ (not as common)
Old versions 1.3, 2.0, current is 2.2
Apache philosophy is to start with a minimal
set-up and then expand as necessary
Supports IPv6 and Unicode (multiple
language support)
Features of Microsoft
Internet Information Services
Not surprisingly, only runs on a Microsoft OS
Adds to HTML built-in support for dynamic
content with Active Server Pages (ASP\ASPX)
Newest version is 7.0, Win2k3 server utilizes
version 6.0, older versions had security flaws
Runs the web service with a user context of
IUSR_hostname (account is installed when
IIS is installed – must have logon local right)
The account IUSR_hostname password is
maintained by the server if left untouched.
Features of Microsoft
Internet Information Services
All users who connect to the server
anonymously (those who do not login) utilize
the IUSR_hostname account to view the
website's files. Therefore, NTFS read
permissions must be given for the
IUSR_hostname account to the files and
folders that run under the website.
Website folder NTFS permission changes
require a restart of the website in order to
take effect.
Features of Microsoft
Internet Information Services
Supports:
Web distributed authoring and versioning
(WebDAV)
Web folders (used with WebDAV & FrontPage)
Named virtual hosting
Multiple user domains
Kerberos
SSL\TLS 3.0
Features of Microsoft
Internet Information Services
Version 6 adds:
Increased security – defaultinstallis“locked
down”
Expanded language support (XML and SOAP)
IPv6
Increased dependability through kernel-mode
HTTP service (http.sys) and a self healing
mechanism…
IIS lockdown wizard utility configures security
for those with limited Admin experience
Microsoft Internet Information
Services components
FrontPage Server Extensions:
Allows applications such as FrontPage and
Visual Studio to easily upload files to the Web
server.
Microsoft Data Engine (MSDE)
A scaled-down version of SQL server that
supports up to 5 simultaneous connections
File Transfer Protocol Service (FTP server)
Simple Mail Transport Protocol Service
(SMTP service for sending email)
Installing IIS / IIS components
Control Panel
Add or Remove Programs
Add or Remove Windows Components
*ApplicationServer,…Details
InternetInformationServer,…Details
WorldWideWebServices,…Details
Configuring Web Sites in IIS
IIS is initially set up with one web site called
“DefaultWebSite”
IIS will by default respond to all requests on all
network cards enabled on the system
Three ways to add more web sites:
Have the new web site respond on a different port
(other than 80)
Add more network cards into your server and assign
each to a web site or, assign multiple IP addresses to
one network card and then assign each address to a
web site
Use host headers with DNS or a hosts file
Configuring Web Sites in IIS
If you are running multiple web sites on a
server there should be a DNS entry for each
hostname.
Without proper DNS entries, connections
can be made using the IP address.
How could you setup a client machine to
attach using a hostname without updating a
DNS server?
Securing Web Sites in IIS
In order to run a proper e-commerce site on
a web server you need to add a certificate
to a website (each different certificate
requires it's own website).
Certificates can be purchased through a
registered Certificate Authority.
By default, secure websites run using the
HTTPS protocol on port 443.
Understanding Virtual Directories
The Web root directory is the default
starting folder area of a web server - E.g.:
\inetpub\wwwroot - IIS
/var/www/html - Apache
A Virtual Directory is a Web directory that is
typically not located under the Web root
and could be located:
On another disk drive or partition
On a directory located on another computer
On a URL located on another Web server
Understanding Virtual Directories
A Virtual Directory is a child object of a
website. It utilizes the parent website;
IP address, HostName, and Port structure
Certificate (if installed)
Bandwidth restriction setting
Logging method setting
The URL of a Virtual Directory will always
include the website name as it's prefix
(EG: http://websitename.tld/virtualdirname
Understanding Virtual Directories
Virtual directories are used to:
Set different levels of access permissions
Allow/disallow scripts (dynamic applications)
Reduce clutter and help maintain organization
Isolate applications from one another
Set custom documents, headers, and error
messages
Set different levels of NTFS permissions
Summary
How many web sites could you house on one
physical web server?
Which web server is the most popular?
How could you use more than one certificate on
an IIS web server?
Where can a Virtual Directory be located?
Why would you use a Virtual Directory?
Do: pages 331-338 , 338-340, 346-351
Hands on projects: 6-1, 6-2, 6-3 (ignore page 360),
and 6-7
