fortypoundhead.com

Hosting Multiple IIS Web Sites with Host Headers

Posted On 2007-02-14 by FortyPoundHead
Keywords: Hosting Multiple IIS Web Sites with Host Headers
Tags: IIS 
Views: 2451


Most IIS administrators are aware that IIS (versions 4.0, 5.0—and soon—6.0) can host
multiple Web sites on one machine. The most common implementation of hosting
multiple Web sites is to dedicate a single IP address to each Web site. The
least common approach is to assign a unique port number to each Web site. A
third and very viable alternative is to assign host header names (often referred
to as host headers) to each Web site. You can use host headers to host multiple
domain names from a single IP address. Host headers let IIS snatch a host name
out of the HTTP header that the browser sends to the server. For example, if I
type http://www.InterKnowlogy.com/aboutUs/PressRelease.asp in my browser, the
IIS 5.0 server that services the request extrapolates www.InterKnowlogy.com as
the host header and routes the request to the proper Web site. Some very old
browsers don't support the HTTP 1.1 protocol, so they can't send host names in
the header. But those browsers are few and far between; even the Macintosh
version of Netscape 2.0.2 supports host headers.

You'll need to configure and host some form of name resolution, such as DNS, to make sure requests from your
site are properly routed to your Web server. You'll also need to stop Default
Web Site because it responds to all assigned IP addresses by default. Or you can
assign a host header to Default Web Site and force it to respond to a single IP
address. I don't recommend this approach because IIS add-on packages (such as
Microsoft Proxy Server) expect the default Web site to use the IP address of All
Unassigned.



Follow these steps to assign host headers:

Run Internet Service
Manager (ISM) (Start, Programs, Administrative Tools, Internet Service
Manager).
To add each Web site to
your server, right-click the server name in ISM, click New, then click Web
Site. Follow the wizard to create the site(s).
Right-click one of the Web
sites that will use host headers, then click Properties.
On the Web Site tab, select
the IP address all the sites will use. You'll probably keep the default of TCP
Port 80, the port that services the HTTP requests.
Click Advanced next to the
IP Address. In the "Multiple identities for this Web Site" list, select the
Web site identity, click Edit, then add the desired host header (e.g.,
www.win2000mag.com). NOTE: If you want this Web site to respond to more than
one host header (e.g., www.win2000mag.com and www.iisadministrator.com), use
the Add button to add other identities to this list using the same IP address
and port. You'll need to set up some form of name resolution (such as DNS) for
each identity.
Click OK three times to
apply the change(s).
Stop, then start the Web
site.
Repeat steps 3 through 7
for the remaining Web sites.



Now you're ready to run a
test. Grab a browser and navigate to your sites using the host headers. The
browser will open the appropriate Web sites as applicable.



Using host headers has one
drawback—IIS doesn't support Secure Sockets Layer (SSL) with host headers. IIS
encrypts the HTTP header when it routes the request, so it can't determine the
host header it needs to route to the correct Web site. Because IIS has to
decrypt the SSL key anyway, it should be smart enough to perform the encryption
during routing by rotating through the key types until it successfully decrypts
the host header from the body of the encrypted HTTP header. But it doesn't. A
really sharp Internet Server API (ISAPI) developer could
probably do just that, but that level of development pain probably isn't worth
the effort; simply dedicating an IP address to each Web site overcomes the SSL
problem.


multiple Web sites on one machine. The most common implementation of hosting
multiple Web sites is to dedicate a single IP address to each Web site. The
least common approach is to assign a unique port number to each Web site. A
third and very viable alternative is to assign host header names (often referred
to as host headers) to each Web site. You can use host headers to host multiple
domain names from a single IP address. Host headers let IIS snatch a host name
out of the HTTP header that the browser sends to the server. For example, if I
type http://www.InterKnowlogy.com/aboutUs/PressRelease.asp in my browser, the
IIS 5.0 server that services the request extrapolates www.InterKnowlogy.com as
the host header and routes the request to the proper Web site. Some very old
browsers don't support the HTTP 1.1 protocol, so they can't send host names in
the header. But those browsers are few and far between; even the Macintosh
version of Netscape 2.0.2 supports host headers.

You'll need to configure and host some form of name resolution, such as DNS, to make sure requests from your
site are properly routed to your Web server. You'll also need to stop Default
Web Site because it responds to all assigned IP addresses by default. Or you can
assign a host header to Default Web Site and force it to respond to a single IP
address. I don't recommend this approach because IIS add-on packages (such as
Microsoft Proxy Server) expect the default Web site to use the IP address of All
Unassigned.



Follow these steps to assign host headers:

Run Internet Service
Manager (ISM) (Start, Programs, Administrative Tools, Internet Service
Manager).
To add each Web site to
your server, right-click the server name in ISM, click New, then click Web
Site. Follow the wizard to create the site(s).
Right-click one of the Web
sites that will use host headers, then click Properties.
On the Web Site tab, select
the IP address all the sites will use. You'll probably keep the default of TCP
Port 80, the port that services the HTTP requests.
Click Advanced next to the
IP Address. In the "Multiple identities for this Web Site" list, select the
Web site identity, click Edit, then add the desired host header (e.g.,
www.win2000mag.com). NOTE: If you want this Web site to respond to more than
one host header (e.g., www.win2000mag.com and www.iisadministrator.com), use
the Add button to add other identities to this list using the same IP address
and port. You'll need to set up some form of name resolution (such as DNS) for
each identity.
Click OK three times to
apply the change(s).
Stop, then start the Web
site.
Repeat steps 3 through 7
for the remaining Web sites.



Now you're ready to run a
test. Grab a browser and navigate to your sites using the host headers. The
browser will open the appropriate Web sites as applicable.



Using host headers has one
drawback—IIS doesn't support Secure Sockets Layer (SSL) with host headers. IIS
encrypts the HTTP header when it routes the request, so it can't determine the
host header it needs to route to the correct Web site. Because IIS has to
decrypt the SSL key anyway, it should be smart enough to perform the encryption
during routing by rotating through the key types until it successfully decrypts
the host header from the body of the encrypted HTTP header. But it doesn't. A
really sharp Internet Server API (ISAPI) developer could
probably do just that, but that level of development pain probably isn't worth
the effort; simply dedicating an IP address to each Web site overcomes the SSL
problem.


About the Author

FortyPoundHead has posted a total of 1974 articles.

 


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.81.195.240

Before you can post, you need to prove you are human. If you log in, this test goes away.




Recent Forum Posts

Advanced search added
dwirch posted on September 23, 2017 at about 13:44 in Site News

Job Spammer: Gaurav Mehta - AgreeYa Solutions
dwirch posted on September 22, 2017 at about 10:35 in Spammers

Job Spammer: Prutha Siri - Javelin Systems
dwirch posted on September 10, 2017 at about 6:15 in Spammers

New security implemented
dwirch posted on September 7, 2017 at about 7:16 in Site News

Malicious IP Checker Companion Tool
dwirch posted on August 12, 2017 at about 20:24 in Site News

Job Spammer: Steve Adams
dwirch posted on August 8, 2017 at about 7:44 in Spammers