IIS Administration in Depth

IIS is used by millions of websites all over the world. This course will teach you how to master your IIS servers, improving performance, reliability, scaling, and security.
Course info
Rating
(14)
Level
Intermediate
Updated
Jan 24, 2018
Duration
4h 2m
Table of contents
Course Overview
Improving a Slow Server by Tuning Performance Settings
Managing Multi Tenants in IIS
Checking Your IIS Servers for Vulnerabilities
Securing Your IIS Server
Scaling a Fast-growing Website
Finding Problems Quickly with IIS Diagnostics
Monitoring IIS Websites
Description
Course info
Rating
(14)
Level
Intermediate
Updated
Jan 24, 2018
Duration
4h 2m
Description

IIS servers can be difficult to manage, especially when a company scales and traffic starts to flood in. In this course, IIS Administration in Depth, you will gain the ability to take full control of your servers. First, you will learn how to tune your server to get maximum performance. Next, you will discover ways to check your server for vulnerabilities and secure it from threats. Finally, you will learn how to scale your infrastructure when needed and diagnose problems when they arise. When you're finished with this course, you will have the skills and knowledge of IIS administration needed to effectively manage an IIS infrastructure of any size.

About the author
About the author

Jeremy Morgan is a consultant, tech blogger, and speaker. He likes to stay immersed with the latest in .NET Development and DevOps during the day and working on Linux machines and microcontrollers at night.

More from the author
Creating and Configuring New Websites in IIS
Intermediate
1h 35m
Feb 19, 2019
Installing and Configuring IIS Servers
Intermediate
1h 42m
Aug 17, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Jeremy Morgan, and welcome to my course IIS Administration in Depth. Over 57 million IIS websites are connected to the internet today. IIS powers web servers used in business, education, healthcare, and government. In this course we will deep dive into IIS server administration. Some of the major topics that we will cover include tuning your IIS servers for optimum performance, using diagnostics to quickly troubleshoot problems, scaling your IIS for high traffic, and securing your IIS server from outside threats. By the end of this course you'll know how to effectively run and optimize an IIS server or a cluster of servers of any size. Before beginning the course you should be familiar with the basics of managing an IIS server. I hope you'll join me on this journey to learn IIS administration with the IIS Administration in Depth course at Pluralsight.

Managing Multi Tenants in IIS
Managing multi tenants in IIS. If you have many sites on your server it's important to place boundaries on each. Acme has a few sub-sites that are special company projects and we have to shield the main site in case these sites become heavily loaded. This is a common issue if you're running multiple web applications on your server or if you're running in any sort of shared environment. In this module, we'll cover some ways you can keep your sites compartmentalized and prevent one site from slowing down or stopping your server. We'll cover creating and managing application pools and how we can automate the process. We'll look at the idea of application isolation and why that's important. We'll dig deep into application pool tuning and we'll start with configuring your CPU settings. We'll look at managing process behavior, then we'll take a look at rapid fail protection, and finally, we'll configure our application pool recycling behavior.

Checking Your IIS Servers for Vulnerabilities
If you're a security specialist, you likely have a checklist in your head and a procedural plan for locking down a new server. However, most IIS and even general system administrators also have many other aspects of administration to worry about. They don't have the time to keep up on all the latest vulnerabilities and procedures to memorize them all. This is why there are so many tools available to do automated scanning and discovery of security factors, and that's what we'll look at in this module. We're going to check our server for vulnerabilities. We'll look at the Microsoft Security Assessment Tool to gather and track information about your overall security profile. We'll use the Microsoft Baseline Security Analyzer to check our server for weaknesses we can fix, then we'll scan our server for open ports to make sure our firewall is performing as expected.

Securing Your IIS Server
In this module we're going to learn how to secure an IIS server. The Acme Widgets web server was just set up and before we make it live, we want to make sure it's ready to face the outside world. We're going to examine ways to secure our IIS server. We'll set content security policies so we can specify exactly how we want our content to be used. We will configure dynamic IP restrictions for our website to prevent denial of service or brute force attacks on our server. We will configure request filtering so we can choose the types of request we want our server to process. Finally we'll encrypt our connection strings. Storing our connection in plain text files leaves an opening for attack that we will address here.

Scaling a Fast-growing Website
Exponential growth of web server traffic is a great problem to have. Sales have been through the roof at Acme Widgets and the server is slowing down considerably. In this module, we're going to learn how to scale it up and handle the extra traffic. We're going to create a shared configuration to migrate our websites from server to server. We're going to explore local content versus shared network content. We're going to simulate a load on our server. Next, we'll set up a web farm so multiple machines can serve up our website. Finally, we'll balance the load with Application Request Routing.

Finding Problems Quickly with IIS Diagnostics
In this module we're going to learn some great ways to use IIS diagnostics to troubleshoot and find errors in your server. Whether it's a configuration error or a load error or application error, we'll gain some valuable knowledge from the powerful tools that come with IIS. We're going to examine and understand HTTP error codes and we'll be able to identify what type of error it is just by the number. After understanding the error codes, we'll learn how to find them to track down issues. Next we'll look at troubleshooting application hanging and timeouts, a frequent issue for administrators. Then we'll configure logging so you can log events and store information the way you want, so you can use it later. We'll take a look at error pages, how they work and how to build custom ones. We'll looked at failed request tracing, a powerful tool for diagnosing problems with web requests. Finally we'll look at ASP. NET tracing and how to set it up. So let's dig in and learn about IIS diagnostics.

Monitoring IIS Websites
In a perfect world you have all the bandwidth and fancy hardware you'll ever need and your server is set up so well that you'll never have a problem. But it's not a perfect world and things go wrong, which is why you're in charge of running the server and mitigating problems as they arise. Most server problems fit into a few categories and we've got some awesome tools to narrow down those problems, and that's what we're going to look at in this module. In this module we're going to look at some great tools to help you diagnose performance problems and errors on your server. First we will look at the runtime status and control API, or RSCA. Then we'll examine a few ways to monitor our worker processes. We will take a look at Perfmon, an amazingly powerful tool that helps you spot performance bottlenecks quickly and visually. Finally we'll look at Log Parser, a built in tool to make sense of some of those huge verbose logs. So let's examine these tools and learn how they can make your job easier and make you more effective as an administrator.