Securing and managing Microsoft IIS
The Right Tools
In this article, I look into the options Microsoft provides for effective management of Internet Information Services (IIS). You can easily manage web servers on Windows Server 2019 with multiple tools in parallel (e.g., the IISAdministration module in PowerShell). The command line on Windows servers also offers a way to manage the web server with the appcmd
and iisreset
tools, not only for servers with graphical user interfaces, but also for core servers and containers. In this article, I assume you have IIS configured on Windows Server 2019 (Figure 1), but most settings also apply to Windows Server 2012 R2 and 2016.
Managing the Web Server and Sites
Once IIS is up and running, it can be managed with the IIS Manager. The fastest way to launch this tool is to enter inetmgr.exe
. If you do need to restart the IIS system service, you can use
net stop w3svc net start w3svc
or you can work with Stop-Service
, Start-Service
, or Restart-Service
in PowerShell. In Windows Admin Center, you can use the Services
area. The system services themselves can be accessed by typing services.msc
.
To restart the web server, run either of the following commands at the command line:
iisreset iisreset /noforce
In addition to starting and stopping the entire server, you can also temporarily disable individual websites. All other websites on the server are unaffected; open the IIS Manager and click on the website you want to restart or stop. In the Actions area of the console, the Manage Website section displays the commands for restarting and stopping.
At the command prompt, you can use the appcmd
tool to restart or quit. Type the commands
appcmd stop site /site.name:contoso appcmd start site /site.name:contoso
to stop and restart the Contoso website. However, the tool is not directly in the path for the command prompt, so it cannot be called directly. First you need change directory to \Windows\System32\inetsrv
. You can get detailed help by typing appcmd /?
. Because help is context sensitive, you can also get appropriate support for individual commands, such as appcmd site /?
.
Viewing Requests and Creating Backups
The appcmd
command displays the current requests to a web server and backs up its data. Current requests can be retrieved and the settings of a server backed up by typing:
appcmd list request appcmd add backup <name>
Creating a backup is a good idea before you start making system changes. The existing backups can be viewed and restored with:
appcmd list backups appcmd restore backup <name>
However, if you back up the server before changing to a distributed configuration and restore this backup, you will have a local configuration again after the restore.
Of course, you should run this backup as a regular task on Windows and save the IIS configuration to a file:
%WinDir%\system32\inetsrv\appcmd.exe add backup "<name of backup>"
Then, you can delete existing backups with the
appcmd.exe delete backup "<name of backup>"
command.
Developer Tools in Internet Explorer and Edge
The developer tools in Internet Explorer and Edge are interesting for administrators and developers alike. To access them, press F12. The tools display the source code for a page and help with error analysis (e.g., if a page takes a long time to load). The Network tab lets you check the loading times of pages to determine which areas of a website delay loading. To analyze a page later, just save the output.
Buy this article as PDF
(incl. VAT)