This article focuses on one of the features of Windows 8 and Windows Server 2012: IIS 8. In it, I'll give you three new abilities of Internet Information Services 8, and then I’ll show you a couple of different ways to install it on either Windows Server 2012 or Windows 8.
Internet Information Services (IIS) 8 includes many new and improved features that make moving to Windows Server 2012 compelling for organizations that rely on Windows Servers as their web server. For developers and system administrators that are looking to mirror that IIS environment on their workstation for development or testing, IIS 8 gives another reason to move your workstation to Windows 8.
Improvement 1: Centralized SSL Certificate Management
With IIS on Windows 8 or Windows Server 2012, you can take advantage of the SSL certificate management console. This is a central management console that is able to install certificates and work with certificates across all IIS 8 web servers.
This includes the ability to more rapidly bring new servers online by being able to import all certificates that are needed. If a certificate needs to be renewed on multiple systems, it can be done through the IIS 8 certificate management console. You no longer have to log onto each system to update the certificate.
Note: Centralized SSL Certificate management is installed as a separate feature. You can install IIS without Centralized SSL Certificate Support. Centralized SSL Certificate Support is in the security section of “Windows Features.”
Improvement 2: Application Initialization
One frustrating problem that many web server admins face is the problem of slow-responding sites as web applications are initializing. A common workaround is to use tools and scripts to “cold start” the applications early in the morning so that the sites are ready to perform: The in-memory cache is loaded, and in some cases the content must be generated, before the IIS server is ready to respond to HTTP requests.
With IIS 8, Application Initialization lets you establish rules for “warming up” sites. For example, you can have larger applications begin the initialization process earlier than smaller applications. You can also configure through application initialization a new splash screen to be displayed in case people find themselves waiting while the application is initializing.
I can see a much better user experience by logging onto a SharePoint site early in the morning and having the first page displayed being a simple “Please wait while this application is being prepared for use” splash screen instead of just a blank page and a spinning circle.Advertisement
Improvement 3: Dynamic IP Address Restrictions
Restricting access to a website by its IP address is nothing new -- admins have long been able to do that. You can even restrict by a block of IPs in an address range.
The problem that persists is tracking down all of the IP addresses to block. This would usually take a long time of parsing through logs, and even if going through the logs and filtering out the IP addressed were scripted, it is done in a reactive manner.
Instead, using the Dynamic IP Address Restrictions feature in IIS 8 for Windows 8 and Windows Server 2012, you can specify on a per web application level the maximum number of connections that an IP address can create within a certain time frame. And you can also specify the maximum number of attempts that can be made into the IIS 8 server from an IP address within a specific time. Any attempts beyond what is allowed are automatically filtered out, making your web applications and your web server much more resistant to malicious activity.
Dynamic IP Address Restrictions is added as an additional feature of IIS that is not installed by default. To install the feature, open Windows Features, then place a check in the box to select Web Server (IIS) -> Web Server -> Security -> IP and Domain Restrictions. After all that, click Finish.
Notes on Installing IIS 8: Everything you need to know about installing IIS 8
IIS 8 is only available on Windows Server 2012 and Windows 8. Some features that were released or upgraded with IS 8 are available as a hotfix for IIS 7.5, including Dynamic IP Address Restriction and Application Initialization.
How to Install IIS 8 on Windows Server 2012 with Server Manager
Using Server Manager is the most typical way to install IIS 8 on Windows Server 2012.
- In Server Manager, Select Add Roles and Features
- Select Role based or feature based, then click Next
- Choose which servers or virtual hard disks in which to install II8
- By default, the local server is selected
- Other online servers are accessible once they’ve been added to the server pool
- You can select a VHD of an hyper-v virtual machine as an alternative to selecting a server
- Select Web Server (IIS) on the Server Roles page and click Next
- Click Next on the Features page
- You can customize the installation or accept the defaults on the Web Server Role (IIS) and Role Services pages. Then click Next.
- Click Install. When completed, click Close.
How to Install IIS 8 on Windows 8
Installation on Windows 8 is very similar to installation on Windows Server 2012.
- From the Start Screen, type “features
- Select Programs and Features from the Settings group (under Applications)
- Select Internet Information Services on the “Turn Windows Features On and Off” dialog
- Select any additional features such as the IP and Domain Restrictions or Centralized SSL Certificate Support
- Click OK
- Click Yes to any notifications of additional features required to proceed
Once completed, you will have IIS Manager available on your start screen for administration of IIS 8.
If you have been considering Windows Server 2012 or Windows 8 in your environment and wondered if there were any worthwhile improvements made in the Web Server functionality within Windows, then you will be happy to know that IIS 8 provides many excellent improvements for your web servers.
Some of the highlights of the improvements in IIS 8 are the ability to dynamically restrict IP addresses at a web application level and the ability to have web sites initialize themselves on a rule based schedule without the use of scripting or third party utilities.Advertisement