How to Set Up IIS on Windows Server

Internet Information Services (IIS) is a built-in web server for Windows Server used to host websites, serve static and dynamic content, and run web applications such as .NET and ASP.NET. It supports protocols like HTTP, HTTPS, FTP, and WebDAV, and offers features for authentication, compression, SSL, and application deployment.

This article shows you how to install and configure IIS on Windows Server. You’ll learn how to add websites, manage authentication, deploy web applications, and enable performance and security features like SMTP and HTTPS.

Install IIS

IIS is a built-in Windows Server feature that you can enable using Server Manager or PowerShell.

Install via Server Manager (GUI)

Open Server Manager from the Start Menu.
Click Manage > Add Roles and Features.
Proceed through the wizard until you reach Server Roles.
Select Web Server (IIS).
Complete the wizard and click Install.

Once complete, you can launch IIS Manager from Tools in Server Manager.

Install IIS using PowerShell

If you prefer using PowerShell, run the following command as Administrator:

                            pwsh
                            
Install-WindowsFeature -name Web-Server -IncludeManagementTools

This command installs the IIS web server role along with its management tools.

Manage IIS Sites

IIS allows you to host and manage multiple websites on the same server. Use the IIS Manager interface to configure site bindings, document roots, and hostnames.

Add a New Website Using IIS Manager

Launch IIS Manager from the Start Menu.
In the Connections pane, expand the server name and select Sites.
Right-click Sites, then choose Add Website....
Fill out the following fields:
- Site name: Internal name for the site (e.g., MySite).
- Application pool: Leave default unless using custom .NET versions.
- Physical path: The root folder for site files (e.g., C:\inetpub\wwwroot\mysite).
- Binding:
  - Type: Choose http or https.
  - IP address: Use All Unassigned or specify a dedicated IP.
  - Port: Common values are 80 (HTTP) or 443 (HTTPS).
  - Host name: Domain name like example.com.
Click OK to save and create the site.

Once added, the new website will appear under the Sites node. You can start, stop, or edit the site at any time.

Add a Website Using PowerShell

You can also create a new site with PowerShell:

                            pwsh
                            
                        
New-Item -Path "C:\inetpub\wwwroot\mysite" -ItemType Directory
New-WebSite -Name "MySite" -Port 80 -PhysicalPath "C:\inetpub\wwwroot\mysite" -HostHeader "example.com"

Replace MySite, port number, physical path, and hostname as needed.

Start or Stop a Website

IIS gives you granular control over each hosted website. You can start, stop, or restart individual sites without affecting others. This is helpful for applying changes, running updates, or performing maintenance.

Using IIS Manager

Open IIS Manager.
In the Connections pane, expand Sites and select your target website.
In the Actions pane, click Start, Stop, or Restart depending on what you want to do.

Use PowerShell to Start or Stop a Site

Start a site
pwsh
```
Start-WebSite -Name "MySite"
```
Stop a site
pwsh
```
Stop-WebSite -Name "MySite"
```
Restart a site
pwsh
```
Restart-WebItem 'IIS:\Sites\MySite'
```

Replace "MySite" with the name of your website.

Deploy Applications with Web Platform Installer (Web PI)

IIS allows you to deploy popular web applications like WordPress, Joomla, and Drupal using the built-in Web Platform Installer (Web PI), a graphical tool that simplifies installation and configuration of web stacks and CMS platforms.

To install an application using Web PI:

Open IIS Manager.
In the Actions pane, click Deploy > Install Applications from Gallery.
Use the search bar or browse the list to find an application (e.g., WordPress).
Click Add, then Install to begin installation.
Follow the prompts to complete setup.

Configure Authentication

IIS supports multiple authentication methods to restrict or control access to your website. The most common configuration for internal or secured environments is Basic Authentication, which requires users to enter a valid username and password.

To configure authentication in IIS Manager:

Open IIS Manager and select your target site.
In the Features View, double-click Authentication under the IIS section.
Select Basic Authentication, then click Enable in the Actions pane.
(Optional) Select Anonymous Authentication and click Disable to require login for all requests.

By default, IIS enables Anonymous Authentication, allowing unrestricted access to all users.

Note

Basic Authentication transmits credentials in plain text unless used over HTTPS. Always secure your site with SSL/TLS when using this method. You can configure access permissions by assigning NTFS file permissions or integrating with Active Directory accounts if needed.

Enable SMTP for Outgoing Email

Web applications like WordPress, Joomla, or ASP.NET-based sites often require outgoing email support for features like password resets, registration confirmation, and contact forms. You can enable SMTP capabilities in Windows Server to support these features.

Install the SMTP Server Feature

Open Server Manager.
Click Manage > Add Roles and Features.
Proceed to the Features section.
Select SMTP Server.
Complete the wizard and restart if prompted.

This installs a basic SMTP relay on the server.

Configure SMTP Settings for Applications

After installation, configure your application's SMTP settings. If you're using ASP.NET apps:

In IIS Manager, select your application.
Double-click SMTP E-mail under the ASP.NET section.
Configure the following fields:
- E-mail address – The address used in the From: header.
- Delivery method – Choose Network.
- SMTP server – Enter your SMTP relay (e.g., localhost, mail.example.com, or your organization's SMTP endpoint).
- Port – Typically 25, 587, or 465 depending on your provider.
- (Optional) Configure credentials if your SMTP server requires authentication.

Click Apply to save the changes.

It's recommended to use an external SMTP service (like SendGrid, Amazon SES, or your organization's SMTP relay) instead of exposing your local SMTP server directly to the internet.

Enable Response Compression

IIS supports static and dynamic compression to reduce the size of content served to clients. This improves page load times, saves bandwidth, and enhances overall performance — especially for large text-based resources like HTML, CSS, JavaScript, and JSON.

Enable Compression in IIS Manager

Open IIS Manager.
In the Connections pane, select either the server node (for global settings) or a specific site.
In the Features View, double-click Compression under the IIS section.
Check the boxes for:
- Enable static content compression
- Enable dynamic content compression
Click Apply in the Actions pane.

Static compression caches compressed content on disk. Dynamic compression recompresses content for each request, and may increase CPU usage. Test performance based on your workload.

Use `web.config` for Site Settings

IIS uses the web.config file for site-specific configurations. If you're familiar with Apache’s .htaccess, web.config is its functional equivalent on Windows.

Common use cases include:

URL rewriting
Access restrictions
Custom error pages
MIME type declarations

The file is written in XML and should be placed in your site’s root directory (e.g., C:\inetpub\wwwroot\yoursite\web.config). Changes take effect immediately without restarting the server.

Secure a Site with SSL

To secure your website with HTTPS, configure SSL in IIS using a valid SSL certificate. This section walks you through importing the certificate and binding it to your website.

Import the SSL Certificate

Open IIS Manager.
In the Connections pane, select your server name (not the site).
Double-click Server Certificates under the IIS section.
In the Actions pane, click Import....
Browse for your certificate file (usually .pfx format), enter the password if required, and complete the import process.

Bind the Site to HTTPS

In the Connections pane, expand Sites and select your website.
In the Actions pane, click Bindings....
In the Site Bindings dialog, click Add....
For Type, select https.
Choose IP address, or leave as All Unassigned.
Set Port to 443.
Enter the hostname (e.g., yourdomain.com), if applicable.
From the SSL certificate dropdown, select the certificate you imported.
Click OK, then Close.

After completing the steps, navigate to https://yourdomain.com in a browser. If the certificate is valid and correctly configured, the browser should show a secure lock icon.

Optional: Automate SSL with Let's Encrypt

You can use free tools to automatically issue and renew SSL certificates for IIS:

Certify The Web: A GUI-based Let's Encrypt client for Windows.
win-acme: A command-line tool for Let's Encrypt on Windows Servers.

These tools simplify SSL management and are ideal for non-commercial or self-hosted sites.

Conclusion

In this article, you set up and configured Internet Information Services (IIS) on Windows Server to host web applications and websites. You enabled the IIS role, added and managed sites, deployed applications through Web Platform Installer, and configured essential services such as authentication, SMTP email, and compression. You also used the web.config file for granular control and secured your site using SSL.

Whether you're running a .NET application, hosting static files, or deploying CMS platforms like WordPress, IIS offers a reliable and flexible environment. With everything in place, your Windows Server is now fully equipped for secure and efficient web hosting.

Tags:

IIS

Windows Server

Web Servers

Comments

No comments yet.