|
|
Let’s move on and look at how to create additional websites on your IIS machine. IIS supports hosting a limitless number of websites on a single machine—the real limit being the hardware that supports the platform, because hosting too many sites on a given machine will eventually affect performance. Let’s assume that you’ve already created some directories on the machine (or on a network file server) as home directories for the sites you are going to create, and that you’ve assigned some additional IP addresses to the machine for those sites requiring their own separate IP address. How do you go about creating a new website on IIS? The answer is another wizard!
You can create a new website on an IIS machine using the Web Site Creation Wizard (see Figure 7-14). Just right-click the Web Sites node in IIS Manager and select New | Web Site to start the wizard (or import a site configuration file, as discussed earlier). Then follow these steps, clicking Next when appropriate:
Figure 7-14: The Web Site Creation Wizard
Specify a description (name) for the website. This name is not used by users for accessing the site, it is simply used to identify the site in IIS Manager.
Specify an IP address, port number, and/or host header name to identify the site to users (more about this in a moment).
Specify the path to the home directory for the site and whether anonymous users will be allowed to access the site. If the site will be used as a public Internet site, leave anonymous access enabled; if it’s used as a corporate intranet site, deselect this option and configure the appropriate authentication method you desire later (IIS authentication methods will be covered in Chapter 10).
Specify suitable website access permissions for your site (the default is to allow Read And Run Scripts and deny everything else).
Click Finish to create the new site (it is started automatically).
Note | You can also create new websites from the command line using the iisweb.vbs script, which we’ll look at later in Chapter 11. |
Try opening your new website by right-clicking it in IIS Manager and selecting Browse. If you can’t open it, check to see that you have the proper default document configured for the site and that the home directory is correct. If you get an authentication dialog box appearing asking for your credentials before you can browse the site, check to make sure that anonymous access is enabled using the Directory Security tab, and check the NTFS permissions for your site’s home directory to ensure that Everyone or some other suitable group or built-in identity is granted at least Read permissions on the home directory. For more information about troubleshooting IIS, see Chapter 13.
One thing I glossed over is how to identify websites to users when you are hosting multiple sites on a single IIS machine. Web Site Identity is configured on the Web Site tab of the site’s properties sheet (see Figure 7-2 again) and is determined by three kinds of attributes: IP address, port number, and host header name. Two different websites hosted on the same IIS machine must differ in their identities by at least one of these three attributes. Let’s look at each of these attributes separately and discuss the pros and cons of using them for identifying websites.
First, you can identify each website on your machine using a separate IP address. This scenario is typically used in a public web hosting environment at an ISP or ASP and ensures that any web browser (including very old ones) can access each site. The method can also be used in a corporate (intranet) environment, provided the administrator obtains a sufficient quantity of globally unique IP addresses from the company’s ISP to enable the site to be accessed by mobile or remote users over the Internet. Finally, this method should be used when hosting secure websites that use SSL, since host header names (the other popular method for identifying websites) don’t work in this scenario.
So in this method, each website is uniquely identified to users by assigning them a different IP address, while the TCP port numbers are left at 80, and no host header names are created. The Default Web Site (if you have one) should be assigned the IP address All Unassigned and you should ensure you have enough IP addresses bound to your server’s network card to go around.
Note | There’s also a performance issue associated with having too many websites identified by unique IP addresses on a single machine; see Chapter 12 for more information. |
Normally, the TCP port number for a website is left at its default value of port 80 (or port 443 if you have SSL enabled on your site). You can uniquely identify a website on your machine by giving it a different port number. The only problem with this is that for users to access your site, they need to know the port number if it is something different from 80 (or 443 for SSL).
For example, I could create two websites on a server named SNOOPY and assign both sites the same IP address. Let’s say I call one site Sales and assign it TCP port number 80, while the other is called Support and is assigned port number 8080. To access the Sales site, users would use the URL http://snoopy; while to access the Support site, they would have to type http://snoopy:8080. As in this example, whenever a nonstandard TCP port number is used by a site, the URL to access the site must explicitly indicate this port number using the syntax http://server_name:port_number.
Clearly, this is not a popular solution for identifying websites, and it is generally only used for “secret” websites like the Administration Web Site (see Chapter 6) and other websites created by geeks for geeks.
Note | If you choose to identify a site by its port number, be sure to choose a number greater than 1023 because those below this number are well-known ports assigned to other network services. You don’t want to interfere with the operation of these services, or problems might result. |
This method is the main alternative to using separate IP addresses for each website and allows multiple sites on a single IIS machine to use the same IP address and port number. There are several considerations, however, when using this method:
It doesn’t work with SSL, so you can’t use host header names to identify e-commerce sites or other secure sites.
Users will no longer be able to use IP addresses to access sites on your machine.
It requires that you configure a name resolution service on your network and register these host header names with this service.
It only works with client browsers that are HTTP/1.1 compliant, meaning that users must have Internet Explorer 3 or higher (or Netscape Navigator 3 or higher).
The advantages of using host header names often outweigh the disadvantages, however. Specifically, host header names do the following:
Conserve valuable globally unique IP addresses
Provide better performance than using multiple IP addresses when servers host large numbers of sites
Host header names include the DNS name of the requested site in the HTTP header of the request when an HTTP/1.1-compliant browser issues an HTTP GET request to a website running on an IIS machine. The IIS machine then parses this header to find the name of the site requested and returns the content from the site that has the host header name that matches the included DNS name. For example, if the client is trying to download the home page of the Sales website that has the host header name www.mtit.com, the HTTP header in the GET request includes this DNS name. Of course, this means you must be using DNS on your network as a name resolution method, but this is standard both on the Internet and in an intranet environment where Windows Server 2003 is running—at least if Active Directory is deployed.
On a small network, an alternative to registering your host header names with your DNS name servers is to create a HOSTS file and copy this to the %SystemRoot%\ System32\drivers\etc folder on all your Windows NT/2000/XP/.NET machines and map all of the host header names to the single IP address of the IIS machine. You can also use host header names with NetBIOS (WINS or LMHOSTS) as your name resolution system if working in an intranet environment.
Tip | It’s generally not a good idea to assign host header names to the Default Web Site because it can cause problems with certain applications that make use of this site. One example is Microsoft Proxy Server, the precursor of Microsoft Internet Security and Acceleration (ISA) Server. Another example is SharePoint Portal Server, which experiences problems if you create host header names for the Default Web Site. |
Let’s do a short walkthrough to illustrate the different methods for specifying website identity. I’m running an IIS 6 machine called SNOOPY and have three IP addresses bound to the network adapter:
172.16.11.210
172.16.11.211
172.16 11.212
Tip | Always assign static IP addresses to your IIS machine; never use DHCP or problems may result. |
The Default Web Site has All Unassigned as its IP address, port 80 (the default), and no host header names configured. Using IIS Manager, I’ll first create a Sales website with the following identity:
IP address 172.16.11.210
Port 80
No host header names
The home directory for the Sales website (and for the other sites I will create) is C:\Sales, which contains a copy of the iisstart.htm file from C:\Inetpub\wwwroot, renamed as default.htm and edited using Notepad to add <H1>Sales</H1> after the <BODY>tag. (I’m assuming you know a little HTML if you’re working with IIS.)
Now I create another website called Support and give it the following identity:
IP address 172.16.11.210
Port 9009
No host header names
I use C:\Support for the home directory.
Next, I create another website called HR website and give it the following identity:
IP address 172.16.11.211
Port 80
Single host header name hr.mtit.com
Then I create another website called Management website and give it the following identity:
IP address 172.16.11.211
Port 80
Two host header names mgmt.mtit.com and exec.mtit.com
The Web Site Creation Wizard lets you assign only a single host header name to the site you create, but you can add additional host header names later by clicking the Advanced button on the Web Site tab of your website’s properties sheet (see Figure 7-2 again). This opens the Advanced Web Site Identification dialog box, where you can click Add to add additional host header names (or more generally, additional website identities) to the selected site (see Figure 7-15).
Figure 7-15: Configuring multiple host header names for a site
The identities of the different sites on SNOOPY so far are summarized in Table 7-2.
Website | IP Address | TCP Port | Host Header Names |
---|---|---|---|
Default | (All Unassigned) | 80 | None |
Sales | 172.16.11.210 | 80 | None |
Support | 172.16.11.210 | 9009 | None |
HR | 172.16.11.211 | 80 | hr.mtit.com |
Management | 172.16.11.211 | 80 | mgmt.mtit.com |
Before I test my configuration, I’ll configure name resolution to support my host header names by opening the HOSTS file in the C:\Windows\System32\drivers\etc folder on SNOOPY and adding the following lines to the end of the file:
172.16.11.211 hr.mtit.com 172.16.11.211 mgmt.mtit.com 172.16.11.211 exec.mtit.com
Now when I open Internet Explorer on SNOOPY and browse various URLs, I get the results shown in Table 7-3.
URL | Result |
---|---|
http://snoopy | Sales website (since first IP address is 172.16.11.210) |
http://172.16.11.210 | Sales website |
http://172.16.11.211 | Default Web Site |
http://172.16.11.212 | Default Web Site |
http://172.16.11.210:9009 | Support website |
http://hr.mtit.com | HR website |
http://mgmt.mtit.com | Management website |
http://exec.mtit.com | Management website |
Look over Table 7-3 carefully, and make sure you understand the reason for each result.
Tip | What will happen if you stop the Sales website and try to open the URL http://snoopy or http://172.16.11.210? Remember why it’s good to have a Default Web Site on your IIS machine! |
In this chapter, we’ve only looked at the Web Site, Home Directory, Documents, and HTTP Headers tabs on website properties sheets, and even for these tabs we haven’t covered every single configuration setting available. In later chapters, we’ll look at the purpose of the remaining website configuration settings, but here’s a quick guide to where each tab is covered in case you want to flip ahead:
Web Site More in Chapter 12
Performance Chapter 12
ISAPI Filters Chapter 8
Home Directory More in Chapters 8, 10, and 12
Documents More in Chapter 16
Directory Security Chapter 10
HTTP Headers More in Chapter 16
Custom Errors Chapter 13
Creating and configuring websites on IIS 6 wouldn’t be complete without mentioning again the Web Interface for Administration (WISA), the Administration Web site that is installed by default on Web Edition (and was previously covered in Chapter 6). You can use this interface to create new websites on IIS machines, but you can only configure a basic subset of website properties with it. Personally, I don’t find this tool very useful; so for the rest of this book, I plan to ignore it.
You plan to use your IIS server to host multiple websites for both your company's intranet and for its public Internet presence. What method(s) would you use for establishing a unique website identity for each site on your machine? Why would you choose these methods? What additional configuration might you have to perform on your network or at your ISP to ensure that users will be able to access your sites properly?
|
|