← Previous Getting Started with Windows Server: A Beginner's Guide
Chapter 3 of 15 Windows Server ↑ Index
Next → DNS and DHCP Setup on Windows Server 2025: Step-by-Step Guide
Windows Server Chapter 3 of 15 by Administrator 4 min read

Windows Server IIS Setup: Host Your First Web Server

Internet Information Services (IIS) is Microsoft's web server platform, built into Windows Server. It supports ASP.NET, PHP (via FastCGI), static HTML, and more. Setting up IIS correctly from the start saves hours of troubleshooting later — this guide covers everything from role installation to SSL configuration.

Installing the IIS Role

Open Server Manager, click Manage > Add Roles and Features, and select Web Server (IIS). On the role services page, the defaults cover basic static hosting. For ASP.NET applications, also select:

  • Application Development > ASP.NET 4.8
  • Application Development > .NET Extensibility 4.8
  • Application Development > ISAPI Extensions
  • Application Development > ISAPI Filters

Via PowerShell, install IIS with the most common features in one command:

Install-WindowsFeature -Name Web-Server, Web-Common-Http, Web-Static-Content, Web-Default-Doc, Web-Asp-Net45, Web-Net-Ext45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Console -IncludeManagementTools

After installation, open a browser and navigate to http://localhost. The IIS default page confirms the service is running.

IIS Manager Overview

Launch IIS Manager from Server Manager > Tools > Internet Information Services (IIS) Manager, or run inetmgr. The left panel shows the connection tree: server > sites > applications > virtual directories. The centre panel shows features for whatever node is selected. The right panel shows actions.

The Default Web Site is created automatically and listens on port 80. Its root directory is C:inetpubwwwroot. Drop an HTML file there and browse to your server's IP to confirm it serves correctly.

Creating a New Website

In production, you'll create separate sites for each application rather than dumping everything into the default site. Right-click Sites in IIS Manager and choose Add Website.

  • Site name: A descriptive name, e.g., sysroot-app
  • Physical path: The folder containing your site files, e.g., D:websitessysroot-app
  • Binding type: HTTP, port 80, with a host name matching your DNS record

Set the folder permissions so the IIS application pool identity can read the files:

$path = "D:websitessysroot-app"
$acl = Get-Acl $path
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("IIS AppPoolDefaultAppPool","ReadAndExecute","ContainerInherit,ObjectInherit","None","Allow")
$acl.SetAccessRule($rule)
Set-Acl $path $acl

Application Pools

Each IIS website runs under an Application Pool, which is an isolated worker process (w3wp.exe). Separate pools mean one crashing application does not take down others. Key application pool settings:

  • .NET CLR Version: Match the version your application targets. For .NET Core / .NET 5+, select No Managed Code and use the ASP.NET Core module instead.
  • Identity: Default is ApplicationPoolIdentity, a built-in virtual account. Least-privilege and recommended for most scenarios.
  • Recycling: Set a regular recycle time (e.g., 02:00 daily) to clear memory leaks in older applications.

Binding SSL/TLS Certificates

Never serve anything sensitive over plain HTTP. To add HTTPS:

  1. Import your certificate into the Local Machine > Personal certificate store. Run certlm.msc and import your PFX file.
  2. In IIS Manager, select your site and click Bindings in the right panel.
  3. Click Add, choose HTTPS, port 443, enter your hostname, and select the certificate from the dropdown.

To redirect all HTTP traffic to HTTPS, install the URL Rewrite module (downloadable from Microsoft) and add this rule to your site's web.config:

# Check URL Rewrite is installed
Get-WebGlobalModule -Name "RewriteModule"

The XML rewrite rule in web.config matches all HTTP requests and issues a 301 redirect to the HTTPS equivalent URL.

Common Errors and Fixes

IIS errors are standardised — knowing the common ones saves time:

  • 403.14 Forbidden: Directory browsing is disabled and no default document exists. Add an index.html or enable the Default Document feature.
  • 500.19 Internal Server Error: web.config has a syntax error or references a module not installed. Check the error code in the detail — it maps to a specific config section.
  • 503 Service Unavailable: The application pool has stopped. Check Event Viewer > Application log for the crash reason, then restart the pool: Restart-WebAppPool -Name "DefaultAppPool".

Enable Failed Request Tracing in IIS Manager for detailed diagnostic logs on any error — it's the most powerful IIS debugging tool available and is invaluable when error messages are vague.

Tags: Tutorial Step by Step Sysadmin Windows Server IIS

Related Articles

Windows Server Windows Server Performance Monitoring: Resource Monitor, PerfMon, and More Windows Server performance monitoring with Resource Monitor, PerfMon, Data Collector Sets,... Windows Server DNS and DHCP Setup on Windows Server 2025: Step-by-Step Guide Learn to install and configure DNS and DHCP on Windows Server 2025. Covers zones, records,... Windows Server Group Policy Explained: How to Create and Apply GPOs in Windows Server Group Policy Objects (GPOs) let you configure hundreds of machines from one place. This gu... Windows Server PowerShell for Windows Server Admins: 10 Essential Scripts Ten essential PowerShell scripts for Windows Server admins: inventory reports, bulk AD use...
← Previous Chapter Getting Started with Windows Server: A Beginner's Guide
View All Chapters
Next Chapter → DNS and DHCP Setup on Windows Server 2025: Step-by-Step Guide