SlideShare a Scribd company logo

Understandingiis 120715123909-phpapp01

Download as PPT, PDF
A
arunparmar

IIS is a web server that processes HTTP requests and delivers web content through its main components like HTTP.sys, worker processes, ISAPI extensions, and application pools; it operates in either isolation mode with InetInfo.exe or DLLHost.exe handling requests, or worker process mode with W3wp.exe; when a request is received, IIS determines if the response is cached or passes it to the appropriate component to retrieve dynamic content before returning the response.

Technology
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
“Understanding our IIS”
Contents  Web Server  Kernel & User mode  IIS and it's main components  Different Modes of Operations  Request Processing  Take Away
Web Server • The primary function of a web server is to deliver web pages on requests from clients using HTTP. • It can be referred as hardware(computer) or the software (computer application) • Hosts websites/web application to serve www. • Found embedded in devices like printers, routers, web-cams to serve local network • Able to map URL to a local file system resource (static requests) as well as internal or external program name (dynamic requests)
Kernel & User Mode • The executing code • The executing code has complete and has no ability to unrestricted access directly access to the underlying hardware or hardware. reference memory. • Kernel mode is • Code running in user generally reserved mode must delegate for the lowest-level, to system APIs to most trusted access hardware or functions of the memory. operating system.
Kernel & User Mode • Crashes in kernel • Crashes in user mode mode are are always catastrophic; they recoverable. will halt the entire PC. • Comparatively slow • Usually work faster, as they have to ask because, as part of the system the the system, it can permission to use directly use all the more memory or hardware resources more CPU resources. it needs.
IIS & it's main components • Designed to provide secure, scalable solutions for creating and managing www sites and servers • We can publish information on intranets, extranets and the internet • Provides FTP, SMTP, Indexing and other services • Components: – HTTP.sys – Worker processes (W3wp.exe) – ISAPI – InetInfo.exe – Application pools
HTTP.sys • Also known as “HTTP Protocol Stack” or “Http Listener Process” • Implemented as a kernel-mode device driver • core component to receive and serve HTTP requests and passing them off to the worker processes • When you create a Web site, IIS registers the site with HTTP.sys • Other than retrieving a stored response from its internal cache, HTTP.sys does not process the requests that it receives.
W3wp.exe • A worker process is user-mode code whose role is to process requests, such as processing requests to return a static page • The worker process is controlled by the WWW service • A worker process runs as an executable file named W3wp.exe • Worker processes also run application code, such as ASP.NET applications and XML Web services.
ISAPI • Internet Server Application Programming Interface, is an API developed to provide the application developers with a powerful way to extend the functionality of IIS • Extensions and Filters are the two types of applications that can be developed using ISAPI • ISAPI extensions are true applications that run on IIS and have access to all of the functionality provided by IIS
ISAPI Application Mapping are implemented as DLLs that • ISAPI extensions are loaded into a process that is controlled by IIS • Like ASP and HTML pages, IIS uses the virtual location of the DLL file in the file system to map the ISAPI extension • ASP.Net functionality is contained in an ISAPI extension called aspnet_isapi.dll • Any file that is requested from the IIS server that ends in “.aspx” is mapped to aspnet_isapi.dll which is assigned to process the file before displaying its output in the client’s window
InetInfo.exe • A user-mode component that hosts the IIS metabase and that also hosts the non-Web services like the FTP, SMTP etc • Used to manage ISAPI applications that run within the IIS process context • The services that run in Inetinfo.exe run as dynamic-link libraries (DLLs) under the Local System account • In IIS5.0 or IIS6.0 runs in IIS5.0 isolation mode >Inetinfo.exe hosts the worker process
DLLHost.exe (IIS 5.0) • Manage out-of-process ISAPI applications • Any pooled ISAPI applications running on the server run within the context of a single instance of DLLHost.exe • The dllhost.exe process goes by the name COM Surrogate, which is an general purpose executable to host dlls out of process • In case of any unhandled error which may crash the COM Surrogate process, leaves the originating process intact.
Application Pools (IIS 6.0) • Group of Web Applications and Web Sites are called Application Pools • Every application within an application pool shares the same worker process • The worker process(w3wp.exe) that services one application pool is separated from the worker process that services another • Each separate worker process provides a process boundary so each application pool is separated by these process boundaries
IIS Different Modes of Operations • IIS 5.0 isolation mode (InetInfo.exe or DLLHost.exe takes the ownership for request processing) • IIS 6.0 worker process isolation mode (worker process W3wp.exe takes the ownership for request processing)
IIS 5.0 Isolation Mode file:///C:/Documents and Settings/Admin/My Documents/My Pictures/iis5_isolation_mode.jpg
Request Processing • A request arrives. If the requested application is running in- process, then Inetinfo.exe takes the request. If not, then DLLHost.exe takes the request. • Inetinfo.exe or DLLHost.exe determines if the request is valid. If the request is not valid, it sends a code for an invalid request back to the client. • If the request is valid, Inetinfo.exe or DLLHost.exe checks to see if the response is located in the IIS cache. • If the response is in the cache, it is returned immediately. • If the response is not cached, Inetinfo.exe or DLLHost.exe processes the request, by evaluating the URL to determine if the request is for static (HTML), or dynamic content (ASP) • The response is sent back to the client and the request is logged, if IIS is configured to do so.
IIS 6.0 Isolation Mode file:///C:/Documents and Settings/Admin/My Documents/My Pictures/iis6_isolation_Mode.jpg
Request Processing • A request arrives at HTTP.sys. • HTTP.sys determines if the request is valid. If the request is not valid, it sends a code for an invalid request back to the client. • If the request is valid, HTTP.sys checks to see if the request is for static content (HTML) because static content can be served immediately. • If the request is for dynamic content, HTTP.sys checks to see if the response is located in its “kernel-mode cache”. • If the response is in the cache, HTTP.sys returns the response immediately. • If the response is not cached, HTTP.sys determines the correct “request queue”, and places the request in that queue.
Request Processing(contd.) • If the queue has no worker processes assigned to it, HTTP.sys signals the WWW service to start one. • The worker process pulls the request from the queue and processes the request, evaluating the URL to determine the type of request (ASP, ISAPI, or CGI). • The worker process sends the response back to HTTP.sys. • HTTP.sys sends the response back to the client and logs the request, if configured to do so.
Take Away

More Related Content

PPT
Understanding iis part1
Om Vikram Thapa
 
PPT
Understanding iis part2
Om Vikram Thapa
 
DOCX
IIS interview questions and answers
Interviewwiz
 
PPT
IIS 7: The Administrator’s Guide
Information Technology
 
PPTX
IIS Always-On Services
Brian Ritchie
 
PPT
IIS-Settings
Mindfire Solutions
 
PPTX
ASP.NET Request Processing Internals
Abhijit Jana
 
PPT
INTRODUCTION TO IIS
sanya6900
 
Understanding iis part1
Om Vikram Thapa
 
Understanding iis part2
Om Vikram Thapa
 
IIS interview questions and answers
Interviewwiz
 
IIS 7: The Administrator’s Guide
Information Technology
 
IIS Always-On Services
Brian Ritchie
 
IIS-Settings
Mindfire Solutions
 
ASP.NET Request Processing Internals
Abhijit Jana
 
INTRODUCTION TO IIS
sanya6900
 

What's hot (18)

PPT
Understanding IIS
Om Vikram Thapa
 
PDF
Build sites on iis
Paul Davis
 
PPTX
Codeigniter framework
baabtra.com - No. 1 supplier of quality freshers
 
PPTX
IIS7 For Non IIS PFEs
Kenny Abdiel Maita
 
PPT
introasp_net-7364068.ppt
IQM123
 
PDF
CNIT 129S: 10: Attacking Back-End Components
Sam Bowne
 
PPT
introaspnet-3030384.ppt
IQM123
 
PDF
WebLogic on ODA - Oracle Open World 2013
Michel Schildmeijer
 
PDF
IIS 7.0 Architecture And Integration With Asp.Net
Manny Siddiqui MCS, MBA, PMP
 
PPTX
Apex world 2018 continuously delivering APEX
Sergei Martens
 
PDF
Laravel and CodeIgniter: pros & cons
ElenorWisozk
 
PPTX
Web303
Information Technology
 
PPTX
High Volume Payments using Mule
Adhish Pendharkar
 
PPTX
Operational Security 3.7
StephenKardian
 
PPT
Iis it-slideshares.blogspot.com
phanleson
 
PDF
Restful风格ž„web服务架构
Benjamin Tan
 
PPTX
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
Ido Flatow
 
PDF
IBM InterConnect 2015 - IIB in the Cloud
Andrew Coleman
 
Understanding IIS
Om Vikram Thapa
 
Build sites on iis
Paul Davis
 
Codeigniter framework
baabtra.com - No. 1 supplier of quality freshers
 
IIS7 For Non IIS PFEs
Kenny Abdiel Maita
 
introasp_net-7364068.ppt
IQM123
 
CNIT 129S: 10: Attacking Back-End Components
Sam Bowne
 
introaspnet-3030384.ppt
IQM123
 
WebLogic on ODA - Oracle Open World 2013
Michel Schildmeijer
 
IIS 7.0 Architecture And Integration With Asp.Net
Manny Siddiqui MCS, MBA, PMP
 
Apex world 2018 continuously delivering APEX
Sergei Martens
 
Laravel and CodeIgniter: pros & cons
ElenorWisozk
 
Web303
Information Technology
 
High Volume Payments using Mule
Adhish Pendharkar
 
Operational Security 3.7
StephenKardian
 
Iis it-slideshares.blogspot.com
phanleson
 
Restful风格ž„web服务架构
Benjamin Tan
 
From VMs to Containers: Introducing Docker Containers for Linux and Windows S...
Ido Flatow
 
IBM InterConnect 2015 - IIB in the Cloud
Andrew Coleman
 
Ad

Similar to Understandingiis 120715123909-phpapp01 (20)

PDF
Web Server Hardening
n|u - The Open Security Community
 
PPTX
10 tips to make your ASP.NET Apps Faster
Brij Mishra
 
PPT
Windows internals
Piyush Jain
 
PPTX
Add a web server
AgCharu
 
PPTX
Application Virtualization overview - BayCUG
Denis Gundarev
 
PDF
CNIT 121: 10 Enterprise Services
Sam Bowne
 
PDF
CNIT 152: 10 Enterprise Services
Sam Bowne
 
PDF
AAI-2016 WebSphere Application Server Installation and Maintenance in the Ent...
WASdev Community
 
PPTX
Debugging the Web with Fiddler
Ido Flatow
 
PDF
SharePoint Saturday San Antonio: SharePoint 2010 Performance
Brian Culver
 
PPTX
IIS request process
Mahbub Hasan
 
PPTX
06.m3 cms set-upwebserver
tarensi
 
PPTX
SharePoint 2013 - What's New
AdventosConsulting
 
PPT
Network Implementation and Support Lesson 13 Web Resouces
Eric Vanderburg
 
PPTX
IIS_Presentation.pptxlllllllllllllllllllllllllllllllllllllllllllllll
aashimait
 
PDF
Web server
Touhid Arastu
 
PDF
SharePoint Saturday The Conference 2011 - SP2010 Performance
Brian Culver
 
PDF
How to Harden the Security of Your .NET Website
DNN
 
PPTX
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Jayesh Naik
 
PPTX
Application hardening
Jayesh Naik
 
Web Server Hardening
n|u - The Open Security Community
 
10 tips to make your ASP.NET Apps Faster
Brij Mishra
 
Windows internals
Piyush Jain
 
Add a web server
AgCharu
 
Application Virtualization overview - BayCUG
Denis Gundarev
 
CNIT 121: 10 Enterprise Services
Sam Bowne
 
CNIT 152: 10 Enterprise Services
Sam Bowne
 
AAI-2016 WebSphere Application Server Installation and Maintenance in the Ent...
WASdev Community
 
Debugging the Web with Fiddler
Ido Flatow
 
SharePoint Saturday San Antonio: SharePoint 2010 Performance
Brian Culver
 
IIS request process
Mahbub Hasan
 
06.m3 cms set-upwebserver
tarensi
 
SharePoint 2013 - What's New
AdventosConsulting
 
Network Implementation and Support Lesson 13 Web Resouces
Eric Vanderburg
 
IIS_Presentation.pptxlllllllllllllllllllllllllllllllllllllllllllllll
aashimait
 
Web server
Touhid Arastu
 
SharePoint Saturday The Conference 2011 - SP2010 Performance
Brian Culver
 
How to Harden the Security of Your .NET Website
DNN
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
Jayesh Naik
 
Application hardening
Jayesh Naik
 
Ad

Recently uploaded (20)

PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PPTX
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
August Patch Tuesday
Ivanti
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
PPTX
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
Group 1 Presentation -Planning and Decision Making .pptx
MatthewLewis227954
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
August Patch Tuesday
Ivanti
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
A Presentation on Artificial Intelligence
memembruh336
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
1 - Historical Antecedents, Social Consideration.pdf
tuazon2030627
 
TechTalks-8-2019-Service-Management-ITIL-Refresh-ITIL-4-Framework-Supports-Ou...
bonakiduza1024
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 

Understandingiis 120715123909-phpapp01

  • 2. Contents  Web Server  Kernel & User mode  IIS and it's main components  Different Modes of Operations  Request Processing  Take Away
  • 3. Web Server • The primary function of a web server is to deliver web pages on requests from clients using HTTP. • It can be referred as hardware(computer) or the software (computer application) • Hosts websites/web application to serve www. • Found embedded in devices like printers, routers, web-cams to serve local network • Able to map URL to a local file system resource (static requests) as well as internal or external program name (dynamic requests)
  • 4. Kernel & User Mode • The executing code • The executing code has complete and has no ability to unrestricted access directly access to the underlying hardware or hardware. reference memory. • Kernel mode is • Code running in user generally reserved mode must delegate for the lowest-level, to system APIs to most trusted access hardware or functions of the memory. operating system.
  • 5. Kernel & User Mode • Crashes in kernel • Crashes in user mode mode are are always catastrophic; they recoverable. will halt the entire PC. • Comparatively slow • Usually work faster, as they have to ask because, as part of the system the the system, it can permission to use directly use all the more memory or hardware resources more CPU resources. it needs.
  • 6. IIS & it's main components • Designed to provide secure, scalable solutions for creating and managing www sites and servers • We can publish information on intranets, extranets and the internet • Provides FTP, SMTP, Indexing and other services • Components: – HTTP.sys – Worker processes (W3wp.exe) – ISAPI – InetInfo.exe – Application pools
  • 7. HTTP.sys • Also known as “HTTP Protocol Stack” or “Http Listener Process” • Implemented as a kernel-mode device driver • core component to receive and serve HTTP requests and passing them off to the worker processes • When you create a Web site, IIS registers the site with HTTP.sys • Other than retrieving a stored response from its internal cache, HTTP.sys does not process the requests that it receives.
  • 8. W3wp.exe • A worker process is user-mode code whose role is to process requests, such as processing requests to return a static page • The worker process is controlled by the WWW service • A worker process runs as an executable file named W3wp.exe • Worker processes also run application code, such as ASP.NET applications and XML Web services.
  • 9. ISAPI • Internet Server Application Programming Interface, is an API developed to provide the application developers with a powerful way to extend the functionality of IIS • Extensions and Filters are the two types of applications that can be developed using ISAPI • ISAPI extensions are true applications that run on IIS and have access to all of the functionality provided by IIS
  • 10. ISAPI Application Mapping are implemented as DLLs that • ISAPI extensions are loaded into a process that is controlled by IIS • Like ASP and HTML pages, IIS uses the virtual location of the DLL file in the file system to map the ISAPI extension • ASP.Net functionality is contained in an ISAPI extension called aspnet_isapi.dll • Any file that is requested from the IIS server that ends in “.aspx” is mapped to aspnet_isapi.dll which is assigned to process the file before displaying its output in the client’s window
  • 11. InetInfo.exe • A user-mode component that hosts the IIS metabase and that also hosts the non-Web services like the FTP, SMTP etc • Used to manage ISAPI applications that run within the IIS process context • The services that run in Inetinfo.exe run as dynamic-link libraries (DLLs) under the Local System account • In IIS5.0 or IIS6.0 runs in IIS5.0 isolation mode >Inetinfo.exe hosts the worker process
  • 12. DLLHost.exe (IIS 5.0) • Manage out-of-process ISAPI applications • Any pooled ISAPI applications running on the server run within the context of a single instance of DLLHost.exe • The dllhost.exe process goes by the name COM Surrogate, which is an general purpose executable to host dlls out of process • In case of any unhandled error which may crash the COM Surrogate process, leaves the originating process intact.
  • 13. Application Pools (IIS 6.0) • Group of Web Applications and Web Sites are called Application Pools • Every application within an application pool shares the same worker process • The worker process(w3wp.exe) that services one application pool is separated from the worker process that services another • Each separate worker process provides a process boundary so each application pool is separated by these process boundaries
  • 14. IIS Different Modes of Operations • IIS 5.0 isolation mode (InetInfo.exe or DLLHost.exe takes the ownership for request processing) • IIS 6.0 worker process isolation mode (worker process W3wp.exe takes the ownership for request processing)
  • 15. IIS 5.0 Isolation Mode file:///C:/Documents and Settings/Admin/My Documents/My Pictures/iis5_isolation_mode.jpg
  • 16. Request Processing • A request arrives. If the requested application is running in- process, then Inetinfo.exe takes the request. If not, then DLLHost.exe takes the request. • Inetinfo.exe or DLLHost.exe determines if the request is valid. If the request is not valid, it sends a code for an invalid request back to the client. • If the request is valid, Inetinfo.exe or DLLHost.exe checks to see if the response is located in the IIS cache. • If the response is in the cache, it is returned immediately. • If the response is not cached, Inetinfo.exe or DLLHost.exe processes the request, by evaluating the URL to determine if the request is for static (HTML), or dynamic content (ASP) • The response is sent back to the client and the request is logged, if IIS is configured to do so.
  • 17. IIS 6.0 Isolation Mode file:///C:/Documents and Settings/Admin/My Documents/My Pictures/iis6_isolation_Mode.jpg
  • 18. Request Processing • A request arrives at HTTP.sys. • HTTP.sys determines if the request is valid. If the request is not valid, it sends a code for an invalid request back to the client. • If the request is valid, HTTP.sys checks to see if the request is for static content (HTML) because static content can be served immediately. • If the request is for dynamic content, HTTP.sys checks to see if the response is located in its “kernel-mode cache”. • If the response is in the cache, HTTP.sys returns the response immediately. • If the response is not cached, HTTP.sys determines the correct “request queue”, and places the request in that queue.
  • 19. Request Processing(contd.) • If the queue has no worker processes assigned to it, HTTP.sys signals the WWW service to start one. • The worker process pulls the request from the queue and processes the request, evaluating the URL to determine the type of request (ASP, ISAPI, or CGI). • The worker process sends the response back to HTTP.sys. • HTTP.sys sends the response back to the client and logs the request, if configured to do so.