IIS (Internet Information Services) is a web server developed by Microsoft for its operating systems. The product is completely proprietary and comes bundled with Windows. The first version appeared in Windows NT and continues to evolve.

By default, IIS is turned off in the operating system. To activate it, you need to go to the control panel and activate it as a component.

The principle of operation

The user’s request is first sent to the server, and then transmitted to IIS for processing. The main module of the web server is the WWW service. The service processes user requests over HTTP/HTTPS protocols.

One web server works with several sites in parallel. For example, a single server with a single IP address handles requests on a single TCP port from multiple sites. At the same time, DNS records are created inside IIS to identify each site.

Inside the web server, home directories are created for each site with access rights for directories. For example, when processing site requests Yandex.ru a directory appears inside IIS c:/Yandex , which automatically gets all the information when processing requests from this site.


IIS provides users with several site protection options. They are all integrated into the Windows operating system and differ in the principle of user authentication.

  1. Anonymous login. The user is not identified by the operating system, because he does not go through the authorization procedure. He is given a minimum set of access rights.
  2. Basic authentication. The user enters his credentials, which are submitted via open communication channels. As a rule, such clients are granted a limited set of rights.
  3. Digest authentication. The user name is transmitted in clear text, and the password is encrypted.
  4. Built-in authentication. The protection mechanism synchronizes with the system and takes the user’s credentials, under which he has passed the authentication procedure in the operating system.
  5. UNC authentication. The user’s credentials are transferred to the remote server where the client is authorized.
  6. Login using a certificate. In this case, an SSL certificate is used to confirm the user.

As an encryption for IIS, there is a special Crypto component. It is only available on server operating systems starting with Windows Server 2008. A completely free utility.

Through this component, the administrator sets up encryption for the site using templates. They allow you to create a specific set of rules, and then apply to sites.

IIS is designed to work and administer sites running Microsoft family operating systems. The web server is integrated as a component in windows and has various authentication functions.

We use cookies to optimise website functionality and improve our services. To find out more, please read our Privacy Policy.
Cookies settings
Strictly necessary cookies
Analytics cookies