Return to doc.sitecore.com

Valid for Sitecore 5.3.2, 5.3.1
  Configuring IIS
Prev Next
Print this page (opens in new window) Print

Complete the following steps to configure an existing site (Windows XP does not support multiple sites) or create a new website in IIS (Windows 2003 only).

Important Note : Do not create a virtual directory for Sitecore as the product cannot operate from a virtual directory.

  1. Open the Internet Information Services (IIS) Manager.

    The IIS MMC is normally accessed from the Control Panel » Administrative tools » Internet Services Manager when using Windows 2000 and Windows XP, or Control Panel » Administrative tools » Internet Information Services (IIS) Manager when using Windows 2003.
     
  2. Expand “Web Sites”
     
  3. Windows XP:
    Right click on “Default Web Site” and select “Properties”
     
  4. Windows 2000 Server, Windows 2003 Server
    Create a new web site (the process is outside the scope of this document)
     
  5. In the “Local path” field of the Home Directory tab enter or browse to the WebSite folder, for instance C:\InetPub\ProjectName\WebSite
     
  6. Ensure Application Protection on the Home tab is set to "Medium (Pooled)" – "High" will cause excessive caching
     
  7. Assuming the default mediaFolder definition in web.config, select properties for the /upload folder in the IIS management console and deny Execute Permissions on the Directory tab; this will prevent potential execution of uploaded ASP.NET resources such as .html files which should instead prompt to download when such resources are requested
     
  8. The following folders and files under the WebSite root should not be accessible to the public:

    /data
    /sitecore/admin
    /sitecore/debug 
    /sitecore/rest.html
     
    Ensure that Enable anonymous access is disabled in the Authentication window of the Directory tab in the properties of each folder in the IIS management console.
     
  9. Windows 2003
    On the Performance tab in the Properties of the appropriate Application Pool, ensure Maximum number of worker processes is ALWAYS “1”.
     
    Note: on multiple processor servers, this value may automatically be set higher than one during the process of OS/IIS installation. On these servers it is therefore especially important to check this setting as it will likely be higher than "1".
     
  10. Restart IIS (see Restarting ASP.NET and/or the machine)

From time to time, users running a multisite solution are faced with the desire to have an IIS log file for each domain for statistics purposes. Follow this link to read about such setup and the challenges it raises.

1.  Security

If you wish you may tighten server security. However, be warned that obscure security settings will likely impact the operation of the site.

Generally, however, we do recommend that you disable all unused extensions in the IIS. For a Sitecore solution, you generally only need the .NET and perhaps ASP extensions.  Therefore, you can remove “.idc”, “.shtm”, etc. This will make your machine much more resistant to known attacks.

To do this right click on the site in IIS, and choose Properties » Home Directory » Configuration. The following screen should appear.

/upload/sdn5/products/sitecore 5.3/installation/configuring iis/tighten_server_security.png


Prev Next