IIS uses the ten principles

1. Custom error pages

Although custom error pages are simple, only a few administrators have effectively used it. Administrators can map HTTP error messages to absolute URLs on the server or to a file in MMC. More detailed information can be found here. If you think this is too much trouble, if you want an easier way, or if you want developers to define their own error pages and don't want them to have access to MMC, you can use a tool like Customer Error.
2. MetaBase Research

If you think Apache is powerful because it has a configuration file, then you should take a look at how good IIS MetaBase is. With MetaBase, administrators can do everything about IIS, such as creating a virtual directory; stopping, starting, or pausing a Web site; creating, deleting, disabling, or enabling applications. Microsoft provides a visualization tool called MetaEdit to help you read and write MetaBase, you can download the latest version here. In order to use MetaBase more effectively, you should try the command line interface -- IIS Administration Script, referred to as adsutil.vbs. You can find it in C:\\inetpub\\adminscripts or %SystemRoot%\\system32\\inetsrv\\adminsamples. .
Note: MetaBase is very important for the normal operation of the Web site, do not destroy it. Remember: you must back up before making any changes.

3. Automatically correct URL spelling errors

Apache advocates are always bragging about some of Apache's small features, the coolest of which is "Automatically correct URL spelling errors", now IIS administrators can also play these small functions, using URLSpellCheck to automatically correct URL misspellings. To do a trial: www.urlspellcheck.com/fak.htm and www.urlspellcheck.com/faq1.htm, how, the second wrong spelling will be corrected automatically.

4. Rewriting URLs

Apache advocates have always boasted of the power of mod_rewrite. Now, there are so many such products for IIS, many of which are better than mod_rewrite. Because you use mod_rewrite, you must be familiar with regular expressions. Try it: IISWrite or ISAPI rewrite.

5. Detecting Browsers

Suppose everyone on the browsing site uses the same browser or the same screen size is obviously stupid. You can use javascript to access the visitors. The browser performs the test. If you are using IIS, you will have a better choice --Cyscape's BrowserHawk, there is no product in the Apache world. Cyscape recently launched a new product called CuntryHawk, which can be used to detect the region (country) where the visitor is located. Unfortunately, I still don't have language sensitive or regionally sensitive content to use it.

6. Site Content Compression

IIS 5 has a built-in compression feature. To be honest, it's awful, use pipeboost.

7. Web Application Cache

You can set the expiration time of different files or directories, open the IIS Information Server, right click on the site content, click on Properties, and pop up the form. You can make the corresponding settings. If you want developers to set it up, use CacheRight and XCache.
It takes some time and money to use the cache effectively, but when you see the traffic increase, the site diary becomes small because there are no innumerable 304 responses, and the bandwidth traffic is greatly reduced when you I will understand why I have to do this. There aren't many sites with good cache settings. On the contrary, articles about its benefits are a lot on the Internet. Let's take a look at these: Brian Davidson's page, Mark Nottingham, and what AOL has to say.

8. Tuning the server

Tuning the server is not a small problem and requires a monograph to explain it. There are some good basic tutorials and help on the web, such as Brett Hill and Microsoft's own Knowledge Base article. Of course, if you don't want to spend these hours, use this -- XTune.

9. Strengthening the security of the site

There are a lot of people attacking the site now, but as long as you are willing to pay a little effort, you will not be a one who can only sit and beat. fool. Finding your server information and operating system information is the first target of the attacker, so first, don't expose your HTTP headers to let others know that you are running IIS, use the software such as ServerMask to remove or replace the HTTP headers. . Second, you can further install your server environment by removing unnecessary file extensions. In addition, you can also scan for problematic URL requests, and Microsoft provides you with a free tool, URLScan.

10. Patches, patches, patches!

You should download and install the latest patches. You can go to the Microsoft site or go to http://www.cert.org/and use IIS as a keyword query.
Ok, this is my summary of IIS Management 10. Some of these 10 are not necessary in IIS 6, but for W2k and NT IIS administrators, using these 10 can make you sleep well.