Introduction
This is a cheat sheet for setting up a publicly accessible website on IIS/Windows Server.
Disclaimer
This is not a step-by-step installation guide, but merely a checklist of items to be completed.
Assumptions
- You have a Microsoft Windows server for the Web server with administrative access to it
- IIS roles are installed (see https://technet.microsoft.com/en-us/library/cc731179.aspx for more information)
- A firewall/router connecting your internet to the LAN that is accessible to the Web server
- Your internet public IP address is static (never changes)
Checklist
- On the windows/web server, create a folder on the disk of your choice to hold the website files and then copy your website files in
- Create an IIS website, pointing to this folder, and configure settings
- If your site is an ASP.NET application, set application pool, .NET level and other related settings appropriately
- Set host header (TCP port 80 binding) of site to be the desired, full public DNS name that people will use to get to your site (i.e., www.mywebsite.com)
- Create a public DNS entry of this name (www.mywebsite.com) pointing to the public IP address of your internet firewall/router
- If necessary, create an internal DNS entry of this name pointing to the web server on the LAN
- If secure SSL/https is desired, add an https (TCP port 443) binding to the site and select the appropriate security/SSL certificate. *NOTE* you must acquire and install a valid SSL certificate beforehand. SSLShopper has a decent article about this here
- Configure your firewall/router to forward publicly incoming TCP port 80 requests (also TCP port 443 if ssl/https is used) to the web server LAN IP address. Also, make sure the Windows Firewall on the web server is not blocking these TCP ports.
- That's it. Test.
Notes
If you want to make your site publicly available with a dynamic public IP address (i.e. cable modem or DSL where the IP address can change from time to time), sign up for a service such as Dyn. You can run a background service on the web server (also some firewall/routers support dynamic DNS built-in) to always keep the public DNS name (i.e. www.mywebsite.com) updated with your public IP address.
If desired to use ssl/https, do not attempt to setup your own certificate authority (CA) and create your own "self-signed" certificate. It *NEVER* works out well and you will always encounter problems & errors. Save yourself from many headaches and just purchase a valid SSL certificate from a reputable/valid CA.
Thanks
I hope this is helpful!
History
- v1.0 - 2015-06-26 - First revision of tip