IIS Install and Configuration - savannahc502/SavC-TechJournal-SEC260 GitHub Wiki

Lab Introduction

This lab will walk through installing ISS (Internet Information Services), an extensible web server created by Microsoft for use with the Windows NT family, on a Windows Server VM in VMWare Workstation.

  • With .iso files, you will need to create a New Virtual Machine
  • This lab provided a .ova file, so I can go right to "open a virtual machine"
    • Launch VM in VMWare Workstation after checking for Bridged Networking w/ 4G RAM

Install IIS on Windows Server

Server Manager > Dashboard > Configure the local server > Add roles and features.

  • Role-based or feature-based installation
  • Select the name of the Windows server for destination (WIN-LCLTE83QANT, 192.168.229.131)
  • Server Roles: Select Web Server (IIS)
    • On the pop-up for feature dependencies, select Include management tools and add features
  • Click Install - which will build a static-content web server.

To verify that IIS installed successfully, enter the following into a web browser on your Windows 10 Workstation. You should see the default IIS Welcome page.

http://<IP_Address_of_your_Windows_server >

image

Add a Website to IIS

In the Windows Server 2012 that now has IIS installed, Open IIS Manager

image

  • Connections Page > Right Click Sites > Add Website
    • Name the website (I did Womp Womp Web)
    • Physical Path > Select ... for Folders > Browse to c:\inetpub and Make a New Folder called SEC260Site (path should be C:\inetpub\SEC260Site)
    • Accept the defaults for the Bindings to have the server run on port 80
    • Check "Start Website Immediately" and click OK
    • Accept warning for duplicate binding - this means that our new site will be used instead of the default site.
  • From IIS Manager - Highlight Default Website and click "Stop"
    • Then, Highlight your new website and click "Start"

Configuring Anonymous Authentication

If I attempt to browse to the page now, I will receive a 403 error. I must set up anonymous authentication to give users access to the public area of my website without prompting them for a user name or password. This can be configured using the default anonymous user account (IUSR) or I can set up a local user account for anonymous users.

Go to home of the IIS Manager and double click Authentication

  • Select Anonymous Authentication and in the actions page, go to edit. This will pop up with Edit anonymous Authentication Credentials*
  • Two Options:
    • We want IIS to run by using the account that is currently specified on the property page for the application pool, select Application pool identity. By default, this identity is the IUSR account.
    • Click OK

Set "Default Document" for IIS

Open Notepad and create a file named sec260.html on the desktop as file type any and add some basic text to it. Then, move the file to the c:\inetpub\SEC260Site path.

To actually get this on my IIS website, go to IIS Manager and highlight the website. Double click Default Document: then Add - Enter sec260.html. Make sure it is at the top of the default document page.

  • Click on your website in the Connections pane - and then Restart under Manage Website
  • Reload your page from a browser - you should see your text from the sec260.html file

image

image