Chapter 13


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Chapter 13

  1. 1. Ch. 13 – Administering Web Resources MIS 431 – Created Spring 2006
  2. 2. This is the Big Deal with Servers! <ul><li>Install and configure IIS – Internet Info Services </li></ul><ul><li>Create/configure web site virtual servers and virtual directories </li></ul><ul><li>Configure web site authentication </li></ul><ul><li>Install and maintain FTP virtual servers </li></ul><ul><li>Update and maintain IIS security </li></ul><ul><li>Create and modify web folders </li></ul><ul><li>Install and user Remote Installation tools </li></ul><ul><li>Install and configure web based printing </li></ul><ul><li>Troubleshoot web client browser connectivity </li></ul><ul><li>Customize HTTP error messages for your server </li></ul>
  3. 3. IIS 6.0 Components: major league! <ul><li>Basic Services </li></ul><ul><ul><li>World Wide Web service (HTTP) </li></ul></ul><ul><ul><li>File Transport Protocol service (FTP) </li></ul></ul><ul><ul><li>Network News Transport service (NNTP) </li></ul></ul><ul><ul><li>Simple Mail Transport Protocol service (SMTP) </li></ul></ul><ul><ul><li>FrontPage Server Extensions </li></ul></ul><ul><li>Cost: free – built into WS03 </li></ul><ul><ul><li>Fast – handles many users simultaneously </li></ul></ul><ul><ul><li>ODBC interface to databases </li></ul></ul>
  4. 4. More About IIS as a Service <ul><li>When you install IIS, service starts automatically when the server boots </li></ul><ul><ul><li>Can control web server, FTP server, SMTP, NNTP separately at start up time </li></ul></ul><ul><ul><li>Can check </li></ul></ul>
  5. 5. Installing IIS <ul><li>Implementation type </li></ul><ul><ul><li>Internet server </li></ul></ul><ul><ul><li>Intranet server (very cool-works same way) </li></ul></ul><ul><li>Be careful – you can install things that may cause an attack from the Internet based on new services that appear (e.g., port 80) </li></ul><ul><li>Built into WS03 – </li></ul><ul><ul><li>Start | Control Panel | Add/Remove Programs </li></ul></ul><ul><ul><li>Click Add/Remove Windows Components </li></ul></ul><ul><ul><li>Choose Application Services, then Details for IIS pieces; continue to drill down when grayed out </li></ul></ul>
  6. 6. Installing IIS, contd. <ul><li>Minimum services to check </li></ul><ul><ul><li>Common Files </li></ul></ul><ul><ul><li>File Transfer Protocol Service (read only) </li></ul></ul><ul><ul><li>Internet Information Services Manager </li></ul></ul><ul><ul><li>World Wide Web Service </li></ul></ul><ul><li>Optional Parts </li></ul><ul><ul><li>Internet Printing – you know this one </li></ul></ul><ul><ul><li>NNTP Service – network news groups </li></ul></ul><ul><ul><li>SMTP Service – outbound e-mail server </li></ul></ul>
  7. 7. Anonymous Access <ul><li>Anonymous Access sets up the ability for any user to view a web site (or FTP site) </li></ul><ul><ul><li>System creates an AD user account called IUSR_ servername for anonymous access </li></ul></ul><ul><ul><li>Other system accounts are likewise created </li></ul></ul><ul><li>Absence of this feature requires the user to authenticate before they can view a page </li></ul><ul><ul><li>Hint: this is necessary for some of your web folders, so prepare a security plan to accommodate those areas </li></ul></ul>
  8. 8. IIS 6.0 Changes over IIS 5.0 <ul><li>Visually, they look the same and are basically managed the same way </li></ul><ul><li>Internal changes </li></ul><ul><ul><li>How processes are handled by IIS </li></ul></ul><ul><ul><li>Metabase configuration information stored in XML files – easier for a human to read/debug </li></ul></ul>
  9. 9. Configuring the Web Server <ul><li>Start the IIS MMC – can find in </li></ul><ul><ul><li>Computer Management (look under Services) </li></ul></ul><ul><ul><li>Its own MMC (in Administrative Tools) </li></ul></ul><ul><ul><li>Build a custom MMC (Start | Run | MMC, then add….) </li></ul></ul><ul><li>Use Remote Administration (only if installed) </li></ul><ul><ul><li>Can administer from any web browser using port 8099 </li></ul></ul><ul><ul><li>Uses port 8098 to create a secure connection through the Internet (but need to work with security for https ) </li></ul></ul><ul><ul><ul><li> from the server itself </li></ul></ul></ul><ul><ul><ul><li>https://139.102.31. nn :8098 from another client </li></ul></ul></ul><ul><ul><li>Useful if you don’t have Terminal Services on the client computer you are using or a slow dial-up connection </li></ul></ul>
  10. 10. IIS Snap-In (MMC) <ul><li>See Fig 13-5 for IIS Manager. Left pane includes … (also see next slide) </li></ul><ul><ul><li>FTP Sites </li></ul></ul><ul><ul><li>Application Pools </li></ul></ul><ul><ul><li>Web Sites </li></ul></ul><ul><ul><li>Web Service Extensions </li></ul></ul><ul><ul><li>Default SMTP Virtual Server </li></ul></ul><ul><ul><li>Default NNTP Virtual Server </li></ul></ul><ul><li>Click + in front of a line to see contents </li></ul>
  11. 11. IIS Manager Window Name of server
  12. 12. IIS Manager, contd. <ul><li>Rt click a web site and choose Properties </li></ul><ul><li>Web site properties (see Fig 13-7 p.522) tabs </li></ul><ul><ul><li>Web Site – identification (name), logging </li></ul></ul><ul><ul><li>Performance - </li></ul></ul><ul><ul><li>ISAPI Filters </li></ul></ul><ul><ul><li>Home Directory – where on server files are stored </li></ul></ul><ul><ul><li>Documents – if file is listed, no need to type in URL </li></ul></ul><ul><ul><li>Directory Security – allow anonymous access? </li></ul></ul><ul><ul><li>HTTP Headers </li></ul></ul><ul><ul><li>Custom Errors – name of HTML file with custom error </li></ul></ul><ul><ul><li>Service </li></ul></ul>
  13. 13. Default Web Site Properties Web Site Tabs
  14. 14. IIS Web Site Tab <ul><li>Description – Default Web Site (or other name) </li></ul><ul><li>IP Address – can add multiple IP addresses </li></ul><ul><li>Ports – TCP default is 80, SSL assignable </li></ul><ul><li>Advanced – used for setting up alternate name web site (host header feature) </li></ul><ul><li>Connections – for setting limits. (Also see Performance tab) </li></ul><ul><li>Enable Logging – who has been here </li></ul><ul><ul><li>Web and FTP server logs by day or other time </li></ul></ul><ul><ul><li>Can choose what information to keep </li></ul></ul>
  15. 15. IIS Home Directory Tab <ul><li>Gives location and name of the web site on </li></ul><ul><ul><li>this server or a share on another computer </li></ul></ul><ul><ul><ul><li>c:inetpubwwwroot (in this case) </li></ul></ul></ul><ul><ul><li>or redirected to a URL </li></ul></ul><ul><ul><li>Access rights: read, write, directory browsing, script source access, log visits </li></ul></ul><ul><ul><li>Execute permissions: none, script only, or scripts and executables </li></ul></ul>
  16. 16. IIS Documents Tab <ul><li>Which documents are loaded if no file name appears at the end of the user’s URL </li></ul><ul><ul><li> ______ </li></ul></ul><ul><li>Common: default.htm, default.asp, index.htm, index.html, home.htm </li></ul><ul><ul><li>Also choose the priority order </li></ul></ul><ul><li>Can add a footer to end of every web page </li></ul><ul><ul><li>Ex: copyright section and for more information section </li></ul></ul><ul><ul><li>Saves time and allows it to be changed at server level just once (server-side include) rather than each document </li></ul></ul>
  17. 17. IIS Directory Security Tab <ul><li>Anonymous access allowed? </li></ul><ul><ul><li>If yes, what authentication? (clear text or Windows which requires IE browser) </li></ul></ul><ul><li>IP address and domain restrictions: eliminate known hackers from gaining access to the web server’s pages </li></ul><ul><li>Set up secure communications with digital certificates </li></ul>
  18. 18. IIS HTTP Headers Tab <ul><li>Enable content expiration </li></ul><ul><ul><li>If page is beyond elapsed content time, it will fetch a new page from the hard drive rather than the server’s disk cache </li></ul></ul><ul><li>Establish content rating </li></ul><ul><li>Custom HTTP headers (information returned to the client’s browser when requested) </li></ul><ul><li>Configure additional MIME (multipurpose Internet mail exchange) file types </li></ul><ul><ul><li>Tells server how to handle files received from a server </li></ul></ul>
  19. 19. IIS Custom Errors Tab <ul><li>Gives name of each file for server errors </li></ul><ul><ul><li>C:winnthelpiisHelpcommon404c.htm for the 404 Error – File Not Found </li></ul></ul><ul><ul><li>Can modify this file or substitute your own file for this </li></ul></ul><ul><ul><li> </li></ul></ul><ul><li>You are asked to create a custom error file in the next project </li></ul>
  20. 20. IIS Server Extensions Tab <ul><li>FrontPage installs this automatically when installed on the server </li></ul><ul><ul><li>Also available from the Windows Add/In Tools </li></ul></ul><ul><li>Lets you configure the server extensions </li></ul><ul><ul><li>Author the root web? Can prevent changes </li></ul></ul><ul><ul><li>Specify how mail is sent (e.g., web form notice) </li></ul></ul><ul><ul><li>Security settings </li></ul></ul>
  21. 21. Other IIS Features <ul><li>Set these features by selecting the Default Web Site, rt-click and choosing Properties </li></ul><ul><ul><li>Lower level webs inherit default settings </li></ul></ul><ul><ul><li>You can set properties of lower level webs independently – e.g., make certain webs not have anonymous access , requiring authentication </li></ul></ul>
  22. 22. IIS Server Extensions <ul><li>Used to activate certain server features </li></ul><ul><ul><li>FrontPage can manage files without FTP (e.g., click Save button and drag-and-drop) </li></ul></ul><ul><ul><li>Administer webs with FrontPage </li></ul></ul><ul><ul><li>Allow certain active content such as hit counter, hover buttons, email web form handling, interactive discussion groups, etc. </li></ul></ul><ul><li>MS also has Server Extensions for other operating systems and other web server SW </li></ul>
  23. 23. Creating Virtual Web Sites <ul><li>IIS has the ability to host a number of web sites or virtual servers on a single server </li></ul><ul><li>Procedure to create a virtual web site: </li></ul><ul><ul><li>Identify the IP address of new web site </li></ul></ul><ul><ul><li>Identify the TCP port of the new web site </li></ul></ul><ul><ul><li>If you have multiple virtual servers responding to the same IP address, identify the host header name of the new web site (cool!) </li></ul></ul><ul><ul><ul><li>E.g., is and and you distinguish not in the DNS (both are 31.12) but in host header name </li></ul></ul></ul>
  24. 24. Virtual Directories (e.g., web folders) <ul><li>Can have information stored on servers throughout the organization and have this information appear on your web server </li></ul><ul><ul><li>Essentially, create an alias for the remote folder and append that to the normal URL </li></ul></ul><ul><ul><li>Can refer to it as / customers </li></ul></ul><ul><li>Procedure </li></ul><ul><ul><li>Create the remote folder and add HTML file(s) </li></ul></ul><ul><ul><li>In IIS, create New virtual directory in web site </li></ul></ul><ul><ul><li>Provide share name erverXXvirtualdirectory as path </li></ul></ul><ul><ul><li>Give it the alias name, and finish. </li></ul></ul>
  25. 25. Server Certificates and SSL <ul><li>Implement SSL in Directory Security tab to encrypt traffic between clients and server </li></ul><ul><ul><li>https:// is designation for this protocol </li></ul></ul><ul><ul><li>Look for closed padlock icon in browser </li></ul></ul><ul><ul><li>Uses TCP port 443 by default </li></ul></ul><ul><ul><li>Requires a digital certificate be installed on your server: </li></ul></ul><ul><li>See handout on SSL concepts placed in your discussion group mailbox. </li></ul>
  26. 26. FTP Servers <ul><li>FTP is used to transfer files between two computers running TCP/IP </li></ul><ul><ul><li>Breaks the files into packets that can be transferred, then reassembled into order at the destination and the file saved </li></ul></ul><ul><ul><li>Checks for accuracy, so these transfers are error free (part of the protocols used) </li></ul></ul><ul><li>FTP server should NOT have anonymous access and Write privilege unless you have set strict quota limits </li></ul>
  27. 27. FTP Properties <ul><li>See fig 13-22 p. 543 for standard Properties dialog box. Standard tabs: </li></ul><ul><ul><li>FTP Site: name, port (21), IP address, connection limits, logging </li></ul></ul><ul><ul><li>Security Accounts: anonymous access? </li></ul></ul><ul><ul><li>Messages: welcome and exit messages displayed to users of the site </li></ul></ul><ul><ul><li>Home Directory: where the site is located </li></ul></ul><ul><ul><li>Directory Security: who can/can’t use the site </li></ul></ul>
  28. 28. Etc. <ul><li>There are some miscellaneous topics at the end of the chapter – take a look </li></ul><ul><li>FrontPage Extensions – allows security to be established via FrontPage client </li></ul>