IIS Knowledge Base Guide
Why Install IIS on F: Drive Instead of C:
Performance Benefits
- Separates web content from system drive to reduce I/O contention
- F: drive is typically larger storage dedicated to data
- C: drive reserved for operating system files
Management Advantages
- Easier backup strategies - web content isolated from system files
- Better security through application separation
- Corporate policies often mandate separating applications from OS
- Storage management - prevents web logs from filling system drive
IIS Manager vs Log Files
IIS Manager
What it is: Graphical management console for configuring IIS
- Configure websites, application pools, virtual directories
- Set authentication, SSL certificates, URL rewriting rules
- Monitor real-time performance and active connections
- Location: %windir%\system32\inetsrv\InetMgr.exe
IIS Log Files
What they are: Automatically generated records of all web requests
- Default location: C:\inetpub\logs\LogFiles\W3SVC1\
- Contains request details, response codes, timestamps, IP addresses
- Used for traffic analysis, troubleshooting, security monitoring, compliance
W3C Log Format - Why Use It?
Industry Standard
- W3C Extended Log Format is universally recognized
- Compatible with most log analysis tools (LogParser, AWStats, Webalizer)
Customizable and Efficient
- Choose which fields to log (date, IP, status codes, user agents, etc.)
- Only logs necessary data, reducing file size and storage costs
- Well-structured format enables automated parsing and analysis
Tool Integration
- Works seamlessly with Microsoft LogParser
- Supports third-party analytics and monitoring solutions
- Easy to import into databases and reporting tools
IIS Server Configuration Options
.NET Authorization
Purpose: Controls access to .NET applications and resources
What it manages:
- Authentication methods (Windows Authentication, Forms Authentication, Anonymous)
- Authorization rules for specific users and roles
- Access control for pages, directories, or application methods
- Integration with ASP.NET membership providers and Active Directory
.NET Compilation
Purpose: Defines how ASP.NET code is compiled and executed
Key settings:
- Debug vs Release mode: Debug includes debugging symbols, Release is optimized for performance
- Target Framework: Specifies .NET version (.NET Framework 4.8, .NET Core, etc.)
- Compilation options: Batch compilation settings for better performance
- Temporary files: Manages compiled assemblies in temporary ASP.NET files directory
.NET Error Pages
Purpose: Controls how application errors are displayed to users
Configuration options:
- Custom error pages: Display user-friendly pages instead of technical stack traces
- Error modes:
- On - Always show custom errors
- Off - Always show detailed errors (development only)
- RemoteOnly - Show custom errors to remote users, detailed to local users
- Default redirects: Specify custom pages for 404 (not found) and 500 (server error) responses
- Security benefit: Prevents sensitive application information from being exposed to end users
MIME Types
Purpose: Tells web browsers how to handle different file types
How it works:
- File associations: Maps file extensions to content types
- .pdf → application/pdf
- .jpg → image/jpeg
- .json → application/json
- Browser behavior: Determines whether file is displayed in browser or downloaded
- Content handling: Controls streaming, caching, and compression settings
- Security: Prevents execution of unknown or potentially dangerous file types
Common MIME types:
- text/html - HTML web pages
- text/css - Cascading Style Sheets
- application/javascript - JavaScript files
- image/png - PNG image files
- application/json - JSON data responses
- application/octet-stream - Generic binary files (forces download)
Quick Reference
Default Log Location: C:\inetpub\logs\LogFiles\W3SVC1\
IIS Manager Path: %windir%\system32\inetsrv\InetMgr.exe
Log File Naming: ex[YYMMDD].log (example: ex241201.log for December 1, 2024)
Key Log Fields:
- date time - When request occurred
- c-ip - Client IP address
- cs-method - HTTP method (GET, POST, etc.)
- cs-uri-stem - Requested URL path
- sc-status - HTTP response code
- time-taken - Processing time in milliseconds