Sukesh's IIS Blog

IIS7 Mobile Admin is a simple web application to administer IIS7 remotely using a mobile phone browser.  I provided few screenshots of IIS7 Mobile Admin in my previous blog post here http://www.awesomeideas.net/post/2008/03/04/IIS7-Mobile-Admin.aspx

And I promised to get it on codeplex for your download pleasure and finally it's ready and available

Project Home (Screenshots,FAQ) - http://www.awesomeideas.net/page/IIS7-Mobile-Admin.aspx
Download & Discussion - http://www.codeplex.com/iis7mobileadmin/

I wanted to introduce something I’ve been working during last couple of weekends. Yes you guessed it “IIS7 Mobile Admin” to show some love to our web server administrators who keeps our Web 2.0 world up and running!

Hostable Web Core (known as HWC) is a new concept in IIS7 to host a website/webservice inside your own process. In short a smaller hosted version of IIS (an IIS7 express edition?).
This is accomplished by making a LoadLibrary call to load hwebcore.dll (%systemdrive%\Windows\System32\inetsrv\hwebcore.dll)

Here is another featured moved to kernel mode. Yea it's Windows Authentication which is by default configured to run in kernel mode.

There are so many things which has changed in IIS7 for the better and one of them is about the way SSL works. Although IIS6 allowed kernel mode SSL (starting with Windows 2003 SP1) that wasn't the default option. As far as I know (AFAIK) not many customers used it or knew about it.

Although the title says webserver certificates the script is not limited to webserver certificates only.

I had written a sample to redirect all http traffic to https (secure) in September 2006 http://www.awesomeideas.net/post/2006/09/03/Redirecting-from-http-to-https-in-IIS7.aspx

In one of our internal discussion alias the question came up that this method does not work when SSL is forced on the website. Step 5 below handles that scenario by checking the "403.4 SSL required" response and handling it during OnEndRequest event.

So let us get into action (I'm using C# for this sample)

1. Download and Install IIS7 Managed Module Starter Kit
   (Not really a requirement but it would make developing IIS7 modules easier)
2. Rename the default class name created to "redir.cs" and rename project/solution/namespace to "http2https"
3. Add the following code in "Init" method
   

   // register for the BeginRequest event
   application.BeginRequest += new EventHandler(OnBeginRequest); 
   application.EndRequest += new EventHandler(OnEndRequest);

    
4. Add the following method to implement "BeginRequest" event
   

   //BeginRequest implementation
   public void OnBeginRequest(Object sender, EventArgs e)
   {
   HttpApplication app = (HttpApplication)sender;
   string HttpUrl = app.Request.Url.ToString(); 
   
      if (HttpUrl.StartsWith("http:"))                           //Redirection done only if URL starts with http:
      {
      HttpUrl = HttpUrl.Replace("http:", "https:");
      app.Response.Redirect(HttpUrl.ToString(), true);           //Redirecting (http 302) to the same URL but with https
      app.Response.End();                                        //We don't want to any further so end
      }
   } 
   

5. Add the following method to implement "OnEndRequest" event
   

   Read more...

I was thinking to write an HttpModule for IIS7 and wanted a simple, useful and easily understandable scenario. Working with IIS customers for last 3 years one of those common scenario came into my mind, Redirecting http traffic to https. Although this is pretty straight forward requirement, till IIS6 it was difficult to achieve. Check the following KB 839357 (specifically for OWA scenario) which explains the cumbersome steps .