Top 10 Changes in IIS 7.0
You can find the original Top 10 Changes in IIS 7.0 post on Technet.
1. Simple, configurable command line setup
Install only the IIS components needed to run your site
start /w pkgmgr /l:log.etw /iu:IIS-WebServerRole;IIS-WebServer;IIS-CommonHttpFeatures;IIS-StaticContent;IIS-DefaultDocument;IIS-DirectoryBrowsing;IIS-HttpErrors;IIS-HttpRedirect;IIS-ApplicationDevelopment;IIS-ASPNET;IIS-NetFxExtensibility;IIS-ASP;IIS-ISAPIExtensions;IIS-ISAPIFilter;IIS-ServerSideIncludes;IIS-HealthAndDiagnostics;IIS-HttpLogging;IIS-LoggingLibraries;IIS-RequestMonitor;IIS-HttpTracing;IIS-Security;IIS-ClientCertificateMappingAuthentication;IIS-IISCertificateMappingAuthentication;IIS-RequestFiltering;IIS-IPSecurity;IIS-Performance;IIS-HttpCompressionStatic;IIS-HttpCompressionDynamic;IIS-WebServerManagementTools;IIS-ManagementConsole;IIS-ManagementScriptingTools;IIS-ManagementService;IIS-IIS6ManagementCompatibility;IIS-Metabase;IIS-WMICompatibility;IIS-LegacyScripts;IIS-LegacySnapIn;WAS-WindowsActivationService;WAS-ProcessModel;WAS-NetFxEnvironment;WAS-ConfigurationAPI
2. Great compatibility story
Most (99%+) ASP and ASP.NET applications worked.
- One application encountered breaking change
- Handful of applications required config migration to run in Integrated
(We have about 260 applications running on www.microsoft.com as defined by IIS. There are thousands of pages of code that could have broken but did not.)
Integrated Pipeline is the new unified request processing pipeline. Benefits include:
- Allowing services provided by both native and managed modules to apply to all requests, regardless of handler. For example, managed Forms Authentication can be used for all content, including ASP pages, CGIs, and static files.
- Empowering ASP.NET components to provide functionality that was previously unavailable to them due to their placement in the server pipeline. For example, a managed module providing request rewriting functionality can rewrite the request prior to any server processing, including authentication, takes place.
- A single place to implement, configure, monitor and support server features. For example, single module and handler mapping configuration, single custom errors configuration, single URL authorization configuration.
Classic ASP mode allows for easy app migration
- ASP.NET Setup provides a "Classic .NET AppPool"
- For more information, see the article ASP.Net Integration With IIS 7.0
Use AppCmd to migrate apps to Integrated mode
- %windir%\system32\inetsrv\APPCMD.EXE migrate config <Application Path>`
- For more information about AppCmd.exe, see Getting Started With AppCmd.exe
- Allows you the run old ADSI scripts
- IIS 6.0 Metabase Compatibility module must be installed
3. No more metabase!
- Clean clear-text schema
IIS settings stored in XML configuration file (applicationHost.config)
- Metabase exists for SMTP/NNTP/FTP only
- Update central applicationHost.config and copy to all web servers
- Replaces our bulky ADSI based script solution for metabase changes
- Be careful copying to production servers under load. (When you push out a new applicationHost.config, your app pools and applications will be recycled. If you are heavily dependent on caching, then you could cause problems in your environment as the CLR reloads.)
4. Centralized configuration
- applicationHost.config stored on UNC share
- Allows us to copy to two (maybe four) servers rather than 80
Potential issue - managing password changes for account used to connect to config store. (This is because currently you cannot use the UNC share that is running under the Network service, which we use heavily. It currently requires a domain account, which our security policy mandates a periodic password change.)
5. Delegated configuration
- Admin can now delegate IIS settings to application owner
- Settings defined in web.config file in application directory
Example of setting to delegate include:
- System.webServer section of applicationHost.config
- Caching, defaultDocument, httpErrors, security
For more information, see Delegated Configuration .
6. AppCmd and other new management options
Managing via the UI
- New modular, task-based look and feel
- Moving away from the right-click/properties paradigm
Managing via the Command Line
- Command line utility which replaces adsutil.vbs, iisapp.vbs, and others
- Allows command line management of sites, applications, vdirs, apppools, modules, tracing, and more Powershell
- IIS community creating IIS-specific Powershell cmdlets
- AppCmd limitations - no remote
- No IIS provider for Powershell
7. Failed request tracing
- Buffers the trace events for requests and flushes them to disk if they meet your failure criteria
- Captures trace data while you are sleeping
- Very little perf impact when targeting failing requests
- Quick test: Enabling tracing for all file extensions and errors results in approx 5% fewer requests/second at full stress load (do not do this in production).
View Currently Executing Requests via AppCmd
- appcmd list requests (for all request)
- appcmd list requests /apppool.name:DefaultAppPool
New Task Scheduler
- Trigger tasks on events
For more information, see Failed Request Tracing.
8. Request filtering
- No more URLScan
- </requestFiltering> settings in applicationHost.config
Issue for Microsoft.com: If filename includes "+" then allowDoubleEscaping must be set to "true"
- <requestFiltering allowDoubleEscaping="true">
Allow or disallow specific file extensions and verbs
- <add fileExtension=".exe" allowed="false" />
- <add sequence="./" />
- <add sequence="/." />
9. UNC content
- Simplified content synchronization
Reduced H/W footprint (potentially less cost)
- Common industry pain point
10. Output caching of dynamic content
- Fewer off-box calls to back end dependencies
- Significant performance gains
- Simple WCAT (Web Capacity Analysis Tool) Stress Test against www.microsoft.com/en/us/default.aspx
Not appropriate for all applications (e.g., not effective for those with very personalized output)