Summary:
In all the web hosting news you might have noticed the buzz around Windows Server 2016, SQL Server 2016, and Windows 10. But there is one more thing that may light up your interest more, i.e. IIS 10. So let’s see what it has new on the table:
Introduction:
If you’ve accessed Windows Server 2016 technical preview and Windows 10, then you might have noticed that IIS 10 isn’t any different than these two. How? Check the below feature and their anatomy:
- HTTP/2
In the 2nd technical preview of Windows Server 2016 and in Windows 10, HTTP/2 is by default enabled, and in IIS 10 it’s the same thing, so you need not enable it twice in the value registry, and no need for a reboot.To confirm whether you’re using HTTP/2, just open the web browser (here, we’ll use Chrome) and connect your secure website hosted on IIS 10. In a second tab, type:
Chrome: //net-internals/#spdy
Refresh your web page (Ctrl +F5) and you’ll see the request listed with a protocol negotiated value of h2. If you are using Firefox (39), use F12 tools, and headers on the Network tab will show the version: HTTP/2.0. In IE (Internet Explorer) 11, it doesn’t show any difference in their F12 tools.
- Wildcard Host Header
The most awaited feature, as earlier versions up to 8.5 only specify a full hostname in the binding for a website. In IIS 10 we have certain options:
New-WebBinding -Name "Your Default website" -IPAddress "*" -Port 80 -HostHeader "*.foo.bar"
This all means that you are able to point multiple hostnames to the same website.
Now, it is possible to use site1.foo.bar and Site2.foo.bar, however, you should have your DNS server or host file set up, so they both will go to the same site.
For server1.departmetn.foo.bar, the above steps won’t work as the wildcard “*” stands for just a single “word”. So using even a binding such as “*.*.foo.bar” is invalid, similar to foo.*.bar. The wildcard has to be the leftmost character.
To make that work add a binding as follows:
New-WebBinding -Name "Your Default website" -IPAddress "*" -Port 80 –HostHeader "*.department.foo.bar"
For more information: Wildcard Host Header Support
- New IISAdministration PowerShell module
The existing PowerShell module has hardly changed, but the IIS team included a second module with direct access to the ‘Microsoft.Web.Administration.ServerManager’ object.
Get-command -Module IISAdministration | Select Name
- Environment Variables for Applications Pools
- HTTP status code 308
For the HTTP redirect module:Install-WindowsFeature Web-Http-Redirect
Then use PermRedirect for the new redirect:
- Server header Removal
Yet, no UI is available, but we can:
Set-webconfigurationproperty –papath ‘machine/webroot/apphost/your default website’ –filter “system.webserver/security/requestfiltering” –name “removeserverheader” –value “true”
Or on the server level:
Set-webconfigurationproperty –pspath ‘machine/webroot/apphost’ –filter “system.webserver/security/requestfiltering” –name “removeserverheader” –value “true”
So, the header no longer send:
Server: "Microsoft-IIS/10.0"
- Failed Request Tracing
To trace failed requests:
traceAllAfterTimeout
- New cipher suites
Supports two additional cipher suites:tls_ecdhe_rsa_with_aes_128_gcm_sha256 tls_ecdhe_rsa_with_aes_256_gcm_sha384
The first Cipher is noteworthy, as Google’s Chrome web browser also uses it. To download the Cipher list and extract the zip, run:
.\sslyze.exe --regular www.yoursite.com