IIS and Web Server Role

How can we improve IIS and the Web Server Role in Windows Server?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. IIS Module to Address Website Password Guessing

    A common technique for *********** Testers is to gain access to an account via brute force (many passwords against one account) or password spraying (one password against many accounts). Websites are a great target since they often lack the logging/alerting of these techniques. To address this some implement 2-factor yet this still provides the necessary feedback because only a successful authentication attempt will proceed to the 2-factor prompt.

    To address this I’ve create a PowerShell module which leverages Logparser to parse a website’s logs and identify such situations.

    https://www.powershellgallery.com/packages/WebsiteFailedLogins/1.0
    https://github.com/phbits/WebsiteFailedLogins

    While it’s a suitable solution, the downside is it’s a…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow the use of an IIS AppPools Admin to remotely control AppPools

    I would like to give my developers who are non-admins on the web server, the ability to control IIS AppPools for the websites they are developing. The ability to stop and start an IIS AppPools is an important part of development. I don't want to have to make them Administrators of the web server and I don't want them to have to use PowerShell to do this. I should be able to select an AppPool and give a specific user control of it without giving control to the other AppPools on the server, much like using IIS Manager Permissions to…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. SSL support for Application Initialization module

    The Application Initialization module does a good job at warming-up websites so that the user doesn't experience any delays. Unfortunately this doesn't work for web applications that are SSL-only (see https://support.microsoft.com/en-us/help/2843964/application-initialization-module-fails-when-web-site-requires-ssl). At the same time one of the recommended practices for web APIs is to serve them SSL-only (see https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl).

    I would like to change the Application Initialization module to support application warm-up requests using the HTTPS-binding if one is available. For compatibility this could be an opt-in feature of the applicationInitialization configuration.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Display useful error information when web.config uses URL rewrite and rewrite extension is not installed

    On IIS 8.5, if you attempt to access a web application that uses URL rewriting on a machine that does not have the rewrite extension installed, you get a generic 500 error page with no information about the cause of the error, and nothing about the error shows up in the Event Log. Failed Request Tracing also failed to produce a log file.

    IIS should have validations to ensure that the extension is installed when <rewrite> is present in web.config.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Bad Request responded with 404.xx

    Hey,
    I've found two strange behaviours of IIS.

    Code Snippet
    <httpErrors existingResponse="PassThrough" />
    <security>
    <requestFiltering>
    <requestLimits maxAllowedContentLength="5000000" />
    <verbs allowUnlisted="true">
    <add verb="HEAD" allowed="false" />
    </verbs>
    </requestFiltering>
    </security>
    Problem Description
    In this code snippet,

    Rejects the request if content size is bigger than 5 MBs. It responds with a 404. (404.13)
    Rejects the HTTP HEAD requests. It also responds with 404.
    Expected Behavior
    Since HTTP Status Codes are independent of the running platform, we expected a common message, not the IIS specific status code.

    For request limits, It should respond with 400 - Bad Request.
    image

    For ignored HTTP Method, It…

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Please allow IIS Manager to manage remote servers

    IIS Manager is the only console that I use almost daily that cannot connect and manage remote IIS servers. The very some way as Computer management and other MMC consoles. I mean without creating IIS users.

    5 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Get-IISAppPool Doesn't Use Latest Information

    I believe I found a bug in the Get-IISAppPool PowerShell cmdlet.

    Create a script with the following:
    * Check if an application pool exists using:
    Get-IISAppPool -Name "Something"
    Where "Something" indicates an application pool name.
    * If the application pool exists, display some text.
    * Otherwise, create the application pool.

    1) Open a PowerShell window (as administrator) and run the script.
    2) The application pool does not exist and is created (correct).
    3) Do not close the window and run the script again.
    4) The script again indicates that the application pool does not exist and tries to create it…

    4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Let's encrypt integration

    It would be great to integrate the ACME protocol in IIS. One of the reasons SSL isn't widely used is because it is complex and costly to set up.

    What I would really like to see is in the "edit bindings" window, when choosing a certificate, an option to choose instead Let's Encrypt / ACME. IIS would automatically request the certificate through the ACME protocol and would automatically renew the certificate.

    Obviously this would also be available through powershell (although keep in mind that primary users are likely to be unsophisticated GUI users, not sophisticated teams who run multiple instance…

    40 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make propeties name case-insensitive for creating app pools. (IIS, WebAdministration module)

    PowerShell is case insensitive language and so are the modules like WebAdministration expected to be.
    # Does not work
    PS IIS:\AppPools> Set-ItemProperty .\DefaultAppPool -Name Enable32BitAppOnWin64 -Value $true

    # Works
    PS IIS:\AppPools> Set-ItemProperty .\DefaultAppPool -Name enable32BitAppOnWin64 -Value $true

    Difference is only in capital and small letter 'e' in property name. Moreover, the first command doesn't even throw any error.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide support for SHA256 Self Signed Certificates

    Currently, creating Self Signed Certificates in IIS only allows you to create SHA1 algorithm Self Signed Certificates. However, SHA1 is being deprecated in favor of SHA256, therefore, IIS Manager should support creating SHA256 Self Signed Certificates instead (or prompt as to whether you wish to create an SHA1 or SHA256 Self Signed Certificate)

    17 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Global UrlRewrites Prior to assignment of AppPool

    I would like the ability to do url rewrites that can define/alter which site & AppPool will handle the request. Ie handled in the base process Before being being passed to any app pool process.
    This would avoid the need add/use an ARR proxy to achieve such mapping (which doesn't always work as a workaround).

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. [SMTP Server] - Add SMTP Server on the WindowsServerCore in Windows Continer Images

    Please, Add the SMTP-Server on the Windows Server Core Container image.
    I start to test the Windows Container, but the SMTP Server is a requiremento to my application.

    1 vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow all roles, role services, features to have the option to be installed under a new site in IIS rather than under the Default Web Site.

    Allow all roles, role services, features to have the option to be installed under a new site in IIS rather than under the Default Web Site. You should be able to choose to install say NDES role service, or ADCS Enterprise CA, or RDS roles under a separate website than the Default Web Site when adding roles and features to Windows Server. Also, would be nice to have multiple sites running on HTTPS using Port 443 this way and leveraging host headers to determine which site to load.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. PHP Manager & NET 2.0

    Please remove or upgrade the dependency of the installer of PHP Manager, if the server has not .NET 3.5 installed the PHP Manager ICON want to appear inside IIS

    I know that microsoft want to kill IIS for net core but resolve this error, i have to install NET 3.5, install php manager from Web Platform Installer and then remove NET 3.5 (I use 4.7.1)

    Tnx

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Bug: IIS 10 + HTTPS + response.flush() = request is duplicated

    On windows server we installed IIS 10 and an SSL license

    We observe that if we have a page that contains a response.flush() the request is executed twice (Get or POST)

    on FF every request is duplicated, on chrome, IE and Edge the first request is duplicated after that the other request are executed normally (once)

    This bug can be reproduced with a simple page with only:

    <!--- start asp classic--->
    <%
    response.flush
    %>
    <!--- end asp classic--->

    This is problematic with every browser, FF because all the requests are duplicated, even form submissions, others because bug this can happen…

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. CLI / PowerShell / WMI - Create a command to get/collect/List Application Pool Performance.

    The ideia:

    Crate a command to get/list/Collect information about Application Pool Performance Monitor.

    - CPU in use
    - Memory in use
    - Disk in use
    - Network in use
    - How many connection on the application pool
    - PID Number
    - Command line with name, version and ...

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Missing help & command for IISAdministration Module

    Relatively new to the PowerShell space and I apologize if this is a non-issue and just a user error.

    Missing help from IISAdministration Module
    OS: Microsoft Windows 10 Education (10.0.16299 N/A Build 16299)
    Hotfixes Installed: [01]: KB4053577 [02]: KB4056887 [03]: KB4057247
    [04]: KB4058043 [05]: KB4088785 [06]: KB4093110
    [07]: KB4054517

    Repro for missing: Get-Command
    Import-Module .\IISAdministration.psm1
    Get-Command -Module IISAdministration
    Returns: Null

    Repro for missing: Help
    Save-Module -Name IISAdministration {$env:Path}
    help *iis*
    Returns Null
    cd into the saved locale.
    Invoke-Item .\IISAdministration_07640789-476a-4713-a091-f5b365129c32_HelpInfo.xml

    The help URI returns error: This site can’t be reached

    <HelpContentURI>http://go.microsoft.com/fwlink/?linkid=216321</HelpContentURI>

    The other listed url in the helpinfo.xml file…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    This is an issue with the cmdlets, which are owned by the IIS team. I am relocating the issue to the IIS area.

  18. Support brotli compression

    There are third party modules to support brotli compression but this should be supported by IIS out of the box. Also it looks like it conflicts with the priority IIS uses to pick which compression to use: https://serverfault.com/a/896234/451530

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Creating a task scheduler in IIS

    If you want to run a task on a schedule (as in every 10 minutes, every hour, the first day of the month, etc), you currently have to rely on external schedulers to trigger these tasks (windows scheduled tasks, azure jobs, etc). However for short running tasks, it should be possible to define a schedule in web.config, with IIS calling a page on schedule. This would make an IIS website a lot cleaner / self contained that having to rely on an external scheduler.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Upgrade WebDeploy to use SQL SERVER 2017 files

    Upgrade WebDeploy to use SQL SERVER 2017 files. Right now web deploy for hosting providers uses sql server 2012 files like scriptdom, types etc

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

IIS and Web Server Role

Feedback and Knowledge Base