IIS uses ten Principles

1. Custom error page

Although the custom error page is simple, only a few administrators can use it effectively. An administrator can image an HTTP error message in an MMC to an absolute URL or a file on the server, and more detailed information can be found here. If you think this is too much trouble, want a simpler approach, or you want the developer to define the error pages themselves without having permission to use MMC, you can use a tool like customer error.

2. Metabase Research

If you think Apache is powerful because it has a configuration file, you should look at how good IIS metabase is. With metabase, an administrator can complete all work on IIS, such as establishing a virtual directory, stopping, starting, or pausing a Web site, establishing, deleting, banning, or enabling applications. Microsoft provides a visual tool MetaEdit help you read and write metabase, where you can download the latest version of it. To make more effective use of metabase, you should try the command-line interface---IIS administration Script, referred to as adsutil.vbs, you can c:inetpubadminscripts or%systemroot% Find it under the System32inetsrvadminsamples directory.

Note: Metabase is important to the normal work of the Web site, do not destroy it. Remember: You must back up before making any changes.

3. Automatically correct spelling errors for URLs

Apache advocates are always boasting some of Apache's small features, of which the coolest number "automatically corrected URL spelling errors", now, IIS administrators can play with these small features, using Urlspellcheck, automatically correct the URL spelling error is a piece of cake. To do a trial: Www.urlspellcheck.com/fak.htm and Www.urlspellcheck.com/faq1.htm, and the second wrong spelling will be corrected automatically.

4. Rewriting URLs

Apache advocates have been bragging about the power of mod_rewrite, and now there's a dozen of these products for IIS, much better than mod_rewrite, because using mod_rewrite, you have to be familiar with regular expressions. Try this: Iiswrite or ISAPI rewrite.

5. Probe browser

Assuming that everyone browsing the site is using the same browser or screen size is obviously stupid, you can use JavaScript to detect the visitor's browser. If you are using IIS, you will have a better choice---cyscape Company's Browserhawk,apache world is not compared to its products. Cyscape company recently launched a new product called Cuntryhawk, which can be used to explore the region (country) where visitors are located. Unfortunately, I still have no language sensitive or area sensitive content to use it.

6. Site Content Compression

IIS 5 has a built-in compression feature, but to be honest, it sucks, using pipeboost.

7. Web Application Caching

You can set the different file or directory expiration time, open the IIS information Server, right-click the site content, click Properties, in the pop-up form you can make the appropriate settings. If you want developers to set up their own, use Cacheright, XCache these software.

Effective use of caching is going to take some time and money, but when you see the amount of traffic climbing, the site diary because there are not countless 304 back should be very small, bandwidth flow is also greatly reduced, you will understand why you have to do so. There are not many sites with good caching, instead, articles on its benefits are numerous online, to look at these: Brian Davidson ' s Page,mark Nottingham, and what AOL has to say.

8. Tuning Server

The tuning server is not a small problem and requires a monograph to illustrate it. There are some good basic tutorials and help on the web, such as Brett Hill and Microsoft's own Knowledge Base article. Of course, if you don't want to spend the time, use this--xtune.

9. Enhance the safety of the site

Now attack the site is really a lot of people, but as long as you are willing to pay a little effort, you will not be a will only sit beaten fool. Finding your server information and operating system information is the attacker's first goal, so, first, do not expose your HTTP headers to let others know that you are running IIS, using software such as servermask to remove or replace HTTP headers. Second, you can further install your server environment by removing unnecessary file extensions. In addition, you can also scan for problematic URL requests, Microsoft provides you with a free tool--urlscan.

10. Patches, patches, patches!

You should download and install the latest patches. You can go to the Microsoft site, or to http://www.cert.org/, using IIS as a keyword query.

Well, that's what I've summed up with IIS Admin 10. Some of these 10 articles are not necessary in IIS 6, but for W2K and NT IIS administrators, using these 10 can give you a good night's sleep.