Difference between revisions of "IIS as Reverse Proxy"

From MgmtWiki
Jump to: navigation, search
(References)
(Example)
Line 18: Line 18:
 
#Click on the Server in the left pane (click a second time if you don't see sites)
 
#Click on the Server in the left pane (click a second time if you don't see sites)
 
#Click on sites
 
#Click on sites
#Add an new site with some friendly name that will be used to navigate to the site - point to some empty file directory, for example C:\inetpub\wwwroot\tomjones, leave rest empty
+
#Add an new site with some friendly name that will be used locally - point to some empty file directory, for example C:\inetpub\wwwroot\tomjones it will later contain the system.web file, leave rest empty
 
#Ensure there is an SSL certificate on the machine that can be used
 
#Ensure there is an SSL certificate on the machine that can be used
 
#Add binding - Click site name - in right pane click "Bindings" - in Site Bindings click "Add" - add type https on port 443 (or other if 443 is not available) - enter domain name - save
 
#Add binding - Click site name - in right pane click "Bindings" - in Site Bindings click "Add" - add type https on port 443 (or other if 443 is not available) - enter domain name - save

Revision as of 19:40, 8 November 2019

Full Title

Using Windows Server as a Reverse Proxy for IIS 8 and above (Server 2012 and above).

Context

  • It is often necessary to us a Reverse Proxy to terminate HTTPS requests and then forward those requests to specific server instances for load balancing or similar services.

Example

Goal: Redirect https: requests to a separate IIS instance (or site) which only supports http: scheme.

  1. Open the Server Manager - select the computer to run manager and "add Roles and Features Wizard
  2. Select "Role-based or feature-based Installation - click next
  3. Select Server - click next
  4. Select Web Server (IIS) - it is assumed that IIS has already been installed - if not do that
  5. Add security features - Request Filtering, Basic Authentication - Windows Authentication
  6. Click Install - this takes several minutes
  7. Install additional Microsoft IIS modules (If unsure go to cmd.exe and type %windir%\system32\inetsrv\config\applicationhost.config, and search for the string "<globalModules>".
    1. Install the Windows URL RewriteModule. It can be downloaded from https://www.iis.net/downloads/microsoft/url-rewrite (may be present already)
    2. Install Application Request Routing (ARR). It can be downloaded from https://www.iis.net/downloads/microsoft/application-request-routing
  8. Open Internet Information services (IIS) manager (for example from administrative tools)
  9. Click on the Server in the left pane (click a second time if you don't see sites)
  10. Click on sites
  11. Add an new site with some friendly name that will be used locally - point to some empty file directory, for example C:\inetpub\wwwroot\tomjones it will later contain the system.web file, leave rest empty
  12. Ensure there is an SSL certificate on the machine that can be used
  13. Add binding - Click site name - in right pane click "Bindings" - in Site Bindings click "Add" - add type https on port 443 (or other if 443 is not available) - enter domain name - save

References

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=IIS_as_Reverse_Proxy&oldid=6900"