devxlogo

What’s New In IIS 6.0: A Practical Administrative Guide (Part 2 of 2)

What’s New In IIS 6.0: A Practical Administrative Guide (Part 2 of 2)

he Web service Extensions management console (see Figure 1) is a new feature you’ll find in the IIS 6.0 management application. This utility gives you a Control Panel-like way to configure your IIS components. You can allow, prohibit or change the settings for various types of IIS services using this tool. You can also use the Web service Extensions management console to add and edit recognized IIS extensions (ISAPI applications and third-party IIS tools). Finally, you can use it to enable or disable all Web service Extensions. Here’s a list of default components you can enable or disable through the Web service Extensions management console:

  • ASP.NET executions
  • ASP executions
  • CGI and ISAPI applications
  • Front Page Server Extensions 2000 and 2002
  • WebDAV support for IIS directories
Working with ASP.NET
ASP.NET is the most recent version of Microsoft’s Active Server Pages technology. IIS 6.0 lets you run both the previous ASP version (classic ASP) and ASP.NET applications simultaneously. ASP.NET code runs on the .NET framework, while the classic ASP scripts run using the older Windows Component Object Model (COM). The ASP.NET model is scalable and performs better than the classic ASP model. You can use classic ASP scripting inside ASP.NET scripts, but you’re generally better off to use “code-behind” which separates programming logic from the HTML code needed to display the content in a browser. You’re no longer limited to VBScript or JScript, either; you can create ASP.NET applications in any .NET-compatible language, such as C#, VB.NET, Jscript.NET, J#, etc. Before you can run ASP.NET on IIS though, you must first enable ASP.NET support from the Web service Extensions management console. You need to follow these steps:
  1. Navigate to Start | Administrative Tools | IIS Manager.
  2. Click on Web Server Extensions node on a selected server name. Figure 1 is similar to a default view of the Web service extensions window.
  3. Select the ASP.NET option from the Web Service Extension window. You can click on the Allow or Prohibit button to enable or disable ASP.NET access.
Author’s Note: If the IIS server does not recognize a ASP.NET file (.aspx file extension) the server will return the static text content of the aspx file as the response rather than invoking the ASP.NET engine and processing the aspx file properly. This can happen if you reinstall IIS without reregistering ASP.NET. New IIS 6.0 installations are not automatically ASP.NET-enabled; therefore, you have to re-register ASP.NET after installing or reinstalling IIS.

Assigning Resources to Applications
You can assign resources to applications in different ways. The most common way is to select the application, and then use the Properties dialog to control caching, performance and process options.

Restricting Bandwidth
You can use IIS’s bandwidth throttling option to restrict resources for a given application. (You can find the bandwidth option under the Performance section in the Properties dialog.) The maximum (and default) bandwidth value is 1024 KB per second. You can enable bandwidth throttling by selecting the Limit the network bandwidth to this Web site check box and specifying a maximum kilobytes per second value. You can also limit the number of connections to the Web site by using this Performance tab. Select either the Unlimited or Connection limit to option button and specify a connection value.

Worker Process Recycling and Impact on Session Data
One of the reasons classic ASP became instantly popular is because it made maintaining data for individual browser instances much simpler by introducing the concept of Session data. ASP used a unique server-generated HTTP cookie value to connect a specific browser instance with information stored on the server concerning that browser instance’s activities. ASP sessions timed out if 20 seconds elapsed without a new request from a specific browser, but otherwise remained valid as long as IIS was running.

In contrast, IIS 6.0 works on a worker process model; when the worker process stops you lose all the session information. The default installation configures IIS to recycle a given worker process every 120 minutes. But there’s a problem. Under certain abnormal conditions, the recycle process can cause your ASP.NET applications to lose Session data. So why does IIS 6.0, by default, recycle processes at all? The answer is that by refreshing the worker process every so often, IIS ensures that even if bad code or memory leak errors slow down or tie up the worker process, the application itself will eventually refresh and remain available (under a new process) for users. In addition, recycling worker processes ensures that a single leaking or rogue application won’t permanently affect the server.

You can limit the possibility for Session data loss if you run out-of-process Sessions (such as storing Session data in SQL server). When you do that, shutting down a process has no effect on the data stored for any particular Session?which is why Microsoft recommends that you store session state externally. Under normal conditions, recycling gives the active worker process an allotted (configurable) time interval to finish its current requests. Session data loss will occur only if the active worker process refuses to shut down within the allotted interval.

If you find that the recycling process affects your application, you can either disable worker process recycling or increase the timeout value of the application shut down interval to solve the problem. Here are the steps,

  1. Open IIS Manager
  2. Select Application Pools and right click on the correct application pool for your Web site
  3. Select Properties.
  4. Select Recycling tab
  5. To disable worker process recycling uncheck the Recycle worker process (in minutes) option. Alternatively you can select the option and enter a figure to extend the time in the text field. (see Figure 2)
  6. Click OK
Backing up and Restoring the Metabase
The IIS 6.0 Metabase stores IIS configuration settings as XML. You should back up the Metabase regularly. The Metabase has two components: the Metabase.xml, which holds the data, and the Metabase schema file. Backing up the Metabase makes backup copies of both files, using a .mdVersionNumber file for the Metabase and a .scVersionNumber file for the schema file. You can safely restore the Metabase from a backup if you lose all the IIS settings. It’s important that you understand that the backup utility backs up only IIS entries, not Web site content. Therefore, you need to configure the Web site manually after a restore. Here are the steps to create and restore backups.
  1. Open the IIS Manager utility.
  2. Select the server and right click and select All Task | Backup / Restore Configuration.
  3. You will get the Configuration Backup/ Restore window (see Figure 3)
  4. Select the Create Backup button to create a backup (It will take the next version number by default) or select a backup and click the Restore button to restore the IIS settings.
Enable Health Detection
Health detection lets IIS monitor its worker processes. You can enable pinging and configure rapid fail protection from the Health tab on the Properties dialog (see Figure 4).

When you enable pinging, the IIS root process contacts the worker thread every X seconds, where X is the number of seconds between pings?the ping interval. The default ping interval is 240 seconds. You can also set a process startup time limit (if you’ve enabled process recycling) and a shutdown time duration (if the worker process gets into a deadlock position) using the Health tab.

Sub-Authentication Error (401 Error)
The sub-authentication component (iissuba.dll) manages anonymous accesses to Web sites. This DLL is not enabled by default in IIS 6.0. This was done to avoid potential security risks due to anonymous access. You can enable the sub-authentication component by registering iissuba.dll and setting the AnonymousPasswordSync attribute in the Metabase to true. The IIS administrator will get a warning when anonymous access is enabled.
Author’s Note: The sub-authentication component for anonymous access is enabled by default in IIS 5.0 and below, but not enabled by default in IIS 6.0

You can see by the number of new security, scalability, and server health features that IIS 6.0 raises the bar in the Windows Web server space. IIS 6.0 increases scalability and server health by using the worker process model. The change in default settings and the new focus on security reflect Microsoft’s new security emphasis via its Trustworthy Computing initiative. The XML Metabase creates a more flexible mechanism for storing server settings, and increase both the simplicity and power of IIS administration.

devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist