1 (866) 866-2320 Resources Events Blog

Critical IIS Configurations Top Picks

Blog

Critical IIS Configurations Top Picks


 

As IIS administrators, you need to quickly focus in on the most critical IIS configurations necessary to boost IIS performance. So we've compiled for you below the top picks, chosen by our customers' IIS experts, that you should definitely watch closely.

So what do you say? Share the wealth, and let's hear what are the other critical configuration parameters that are on your radar, by adding to the comment section at the end of this article. 

1. AllowKeepAlive

Description

The AllowKeepAlive property specifies whether Keep-Alive processing is permitted. If this property is set to TRUE, then a Connection, Keep-Alive header, is appended to each response. This means that IIS will continue to reuse the TCP/IP socket that was used to receive the initial browser request, instead of destroying it and creating a new socket for each and every additional request

Why It's Important

A browser typically makes multiple requests in order to download an entire Web page. To enhance server performance, most Web browsers request that the server keep the connection open across these multiple requests, which is a feature known as HTTP keep-alives. Without HTTP keep-alives, a browser that makes many requests for a page containing multiple elements, such as graphics, might require a separate connection for each element.

These additional requests and connections require extra server activity and resources, decreasing server efficiency. The additional connections also make a browser much slower and less responsive, especially across a slow connection

Enabling keep-alive at the IIS level and sending keep-alive at request level still does not assure keeping a TCP connection. It only means that the client and server are sending hints that they want to keep a TCP connection open. Cooperation of everything between client and server is needed to actually keep a TCP connection open.
The only reason to disable keep-alive would be to reduce memory usage in scenarios when a lot of single concurrent requests open connections and keep them hanging without any performance benefit.

A change in the AllowKeepAlive property can impact performance and availability of an application running on an IIS server.

Impact Areas

Performance

Availability

Setting  Parameter

To set AllowKeepAlive using IIS Manager

  • Right click on Web Site (Default Web Site in our case) and click on Properties
  • "Enable HTTP Keep-Alives" is checked by default in the Web Sites Properties dialog box, under Connections

Notes

Typically AllowKeepAlive is turned on. Disabling it  requires a good reason.

2. MaxProcesses

Description

The  MaxProcesses property determines the maximum number of IIS worker processes per application pool that will serve web requests directed to this pool.

Why It's Important

The MaxProcesses property helps to optimize utilization of service resources for service web requests in the most efficient way. For example, if your server has multiple CPUs and MaxProcesses is greater than 1, then multiple worker processes can be opened for multiple incoming web requests in order to process these requests concurrently.

An increase in the MaxProcesses property can help to improve request processing robustness. When a worker process in an application pool is tied up (for example, when a script engine stops responding), other worker processes can accept and process requests for the application pool.

At the same time, use of excessive amounts of worker processes will decrease their efficiency if there is not enough computing resources to support them. Context switching between processes sharing the same CPU will slow them down.

Impact Areas

Performance

Availability

Setting Parameter

To set MaxProcesses using IIS Manager:

  • In IIS Manager, expand the local computer, expand Application Pools, right-click the application pool, and then click Properties.
  • Click the Performance tab, and under Web garden, in the Maximum number of worker processes box, type the number of worker processes that you want to assign to the application pool. (You must type a number greater than 1 for the application pool to become a Web garden).
  • Click OK

Notes

The optimal value MaxProcesses could be calculated as number of CPUs or number of CPUs + 1 as a starting point. The degree to which adding more helps is highly dependent on the implementation of the application. If the application makes a large number of long blocking calls (e.g. long SQL/Oracle Queries), more worker processes will help (assuming that the backend can handle the connection load). If the application is mostly quick transactions with few (or no) blocking calls, fewer worker processes will be required.

There is an interesting blog discussing use of MaxProcesses at http://blogs.iis.net/chrisad/archive/2006/07/14/1342059.aspx

3. AspQueueTimeout

Description

The AspQueueTimeout property specifies the amount of time (in seconds) that an ASP script request is allowed to wait in the queue. When requests are pulled from the queue, they are checked to see if they have expired (have waited longer than the value of this parameter). Expired requests are rejected with a message indicating the server is too busy.

Why It's Important

The AspQueueTimeout property is set to infinity by default, meaning that ASP script requests do not expire ever. Such a setting ensures that no requests are rejected whatever load server is processing at any given moment. The downside is that a request could be stuck in a queue for a long time if the server is busy without any indication of the status to a user. Therefore it is essential to find a value that will serve both purposes – will not drop requests when server workload is reasonable but will allow users to understand the status when the server is seriously loaded.

Keep in mind that setting a final value (e.g. 30 seconds) will not limit you to a small amount of supported clients—they won't be accessing the machine all at precisely the same time. Instead, it can support thousands of simultaneous users depending on content and network latency.

(Content latency is the time it takes content to be served from the disk or cache to the wire; network latency is the time it takes a request to travel from the client to the server or vice versa).

Impact Areas

Performance

Availability

Setting Parameter

  • To set the parameter using IIS Manager navigate to\Sites\Default Web Site.
  • Double-click ASPinFeatures View.
  • ExpandLimits Properties, configure the setting, press Enter, and then click Apply in the Actions pane.

Notes

Usually this parameter is set to a small value like 30 seconds. Very few users will wait more than 30 seconds for a response without hitting Refresh. So there's no reason to keep a page in the queue for any longer. Typically this parameter is changed once per site during the setup phase.

4. AspScriptTimeout

Description

The AspScriptTimeout property specifies (in seconds) the default length of time that ASP pages allow a server side script to run before terminating the script.

Why It's Important

This property is critical for ASP pages that perform time consuming operations on the server side. For example big file uploads that take a long time and complicated SQL queries.

Impact Areas

Performance

Availability

Setting Parameter

To set the parameter using IIS Manager:

  • Navigate to \Sites\Default Web Site.
  • In Features View, Double-click ASP.
  • Expand the Limits Properties, configure the ScriptTime-out setting, press Enter, and then click Apply in the Actions pane.

Notes

Usually this parameter is set to a small value like 30 seconds. Very few users will wait more than 30 seconds for a response without hitting Refresh. So there's no reason to keep a page in the queue for any longer. Typically this parameter is changed once per site during the setup phase.

5. MaxBandwidth

Description

The MaxBandwidth property specifies the maximum network bandwidth used for IIS. You can use this setting to help prevent overloading the network with IIS activity. This is not an inheritable property, but the value set at the machine level is globally available to all server instances. MaxBandWidth can be set individually, so that specific server instances are used instead of the global value, and can exceed the global setting established at the machine level.

Why It's Important

IIS supports bandwidth throttling and connection limiting for individual Web sites, and you can also set global properties to limit bandwidth usage and connections.

Limiting the number of connections and/or bandwidth used by the site helps you limit the site's impact on the server, and limiting the server helps you manage the server's impact on your network and available bandwidth.

Impact Areas

Performance

Setting Parameter

To set the parameter using IIS Manager:

  • Navigate to \Sites\DefaultWebSite.
  • In the site's Home pane, click Advanced Settings in the Actions pane.
  • In the Advanced Settings dialog box, expand Connection Limits, specify connection limit options, and then click OK.

Notes

In order to set correct value for MaxBandwidth, IIS administrator should consider the type of the application/files/media that the server is hosting.

In the following example site is hosting small media files:

  • MaxBandwidth was set to 65,536 (bytes per second)
  • MaxConnections was set to 1024 (clients)
  • ConnectionTimeout was set to 1 (min)

Additional examples are available on this site: http://www.iis.net/ConfigReference/system.applicationHost/sites/site/limits

6. PeriodicRestartTime

Description

The PeriodicRestartTime property specifies the period of time, in minutes, after which IIS rotates an isolated application. Setting the value of this property to 0 disables the property. The maximum supported value for this property is 71,582.

Why It's Important

Over time, applications often see their performance degrade due to poorly written code, sometimes getting stuck in a loop that causes unnecessary load on the CPU.

These applications can also cause memory leaks, where applications do not release needed memory back to the operating system.

These applications can cause a server to stall, requiring the server to be re-booted. Process recycling was created to solve these problems.

Impact Areas

Performance

Availability

Setting Parameter

To set the parameter using IIS Manager:

  • In the Connections pane, expand the server name, click Application Pools, and click the application pool you want to edit.
  • In the Actions pane, click Advanced Settings.
  • In the Advanced Settings dialog box, click the process model property to edit, and then edit it in the property value section of the dialog box, and then click OK.

Notes

In most cases it is useful to recycle periodically because your web apps might have memory leaks or other conditions that get worse over time.

IIS does overlapping recycling, i.e. a new worker process gets spawned while the old worker process is still processing requests in flight.

It is suggested to schedule a recycle once a day during off-peak hours.

7. DefaultDocument

Description

Specifies a file name of Web content that can be used as a default document. The value must be unique in the files collection, and it can be a file name or a relative path.

For each request, IIS must get the list of default documents and look for each file in the content path until it finds the first match.

Why It's Important

This parameter can have major impact on IIS performance. The smaller number of default documents that is set under the IIS is the faster load time that the default page will be. IIS will go to the first available page.

Impact Areas

Performance

Setting Parameter

To set the parameter using IIS Manager:

  • Scroll to locate the Default Document icon under the site.
  • Double click Default Document.

Notes

If you configure five documents and the site uses the last document, this increases the length of time spent that the system looks for the document. However, if you use one default document or use the first document in the list, this speeds up the request time.

8. DirectoryBrowse

Description

The directory Browse parameter can contain two attributes. The enabled attribute determines whether directory browsing is enabled for the site, application, or directory.<br /> <br /> The showFlags attribute defines the information about each file in the directory that Internet Information Services (IIS) will display. IIS can display the last modified date and time, the long date for the last modified date, the file size, and the file name extension. You can choose which of these, if any, IIS will display.

Why It's Important

By default, directory browsing is disabled in IIS so that users cannot see the contents of directories. To enhance security, you should leave directory browsing disabled unless you have a specific reason to enable it.

If you enable directory browsing for sharing purposes, make sure that you only enable it on the particular directory or directories that you want to share.

Impact Areas

Security

Setting Parameter

To set the parameter using IIS Manager:

  • Navigate to FeaturesView, double-click Directory Browsing.
  • In the Actions pane, click kEnable if the Directory Browsing feature is disabled and you want to enable it. Or, click Disable if the Directory Browsing feature is enabled and you want to disable it.

9. BindingInformation

Description

Specifies translation between a web address used by a client and actual network parameters of a Web Site hosted by IIS. Communication options consist from TCP Port number, IP address and DNS header values.

Why It's Important

This property is important for availability and functionality of multiple web sites hosted under single IIS.<br /> <br /> In order to host more than one site under the same IIS this property needs to be specifically configured.

Impact Areas

Availability

Functionality

Setting Parameter

To set the parameter using IIS Manager:

  • Open IIS Manager.
  • In the Connections pane, expand the Sites node in the tree, and then click to select the site for which you want to add a binding.
  • In the Actions pane, click Bindings.
  • In the Site Bindings dialog box, click Add.
  • In the Add Site Binding dialog box, add the binding information and then click OK.

Notes

You can assign multiple bindings for each of web sites when you have site content that serves different purposes or for which you must use a different protocol.

  • For example, a commerce site might have an application that requires that users log on to an account to purchase merchandise. The company hosts the site over HTTP, but users must log on to their account on an HTTPS page. In this example, the site would have two bindings: one for the HTTP portion and one for the HTTPS portion.
  • Additional example is a site hosting number of applications for different departments.
  • Each department has its own DNS record to access the page. (http://presale.department.mycompany and http://it.department.mycompany) both will be hosted on single IIS machine.
Please refer to Official Microsoft IIS site for additional information:
http://www.iis.net/ConfigReference/system.applicationHost/sites/site/bindings/binding
About the Author
Martin Perlin