IIS 模塊（Modules）

概述

　　與以前版本不同，新的IIS版本中，不再在服務器上持有多數的功能（Instead of keeping the majority of functionality within the server itself），而是用一個名為“Web服務器引擎（Web server engine）”來替代。在這個Web服務器引擎上，可以根據需要，添加或者移除模塊，用以實現各種功能。比如，用身份驗證模塊來實現鑒定客戶端的證書的功能，用緩存模塊管理緩存行為。（模塊所在位置是工作者進程）

　　采用模塊的方式，有以下幾個優點：

　　（1）可以控制哪些模塊在服務器上使用。

　　（2）可以自定義模塊替代現有模塊或者引用新特性。

　　（3）可以自定義服務器的角色（You can customize a server to a specific role in your environment.）。

　　（4）更加安全和便捷的管理。移除不必要的模塊，可以減少服務器可能被攻擊的地方，以及減少內存占用，舍去對“不必要功能”的管理。

一、本地模塊（Native Modules）

　　在完全安裝的IIS7及以上版本中，可以找到本地模塊。根據需要，你可以移除它們或者用自定義模塊替代它們。

1.HTTP模塊

　　即在請求處理管理中，針對HTTP的模塊，包括重定向請求、返回HTTP錯誤、響應。

Module Name	Description	Resource
CustomErrorModule	Sends default and configured HTTP error messages when an error status code is set on a response.	Inetsrv\Custerr.dll
HttpRedirectionModule	Supports configurable redirection for HTTP requests.	Inetsrv\Redirect.dll
ProtocolSupportModule	Performs protocol-related actions, such as setting response headers and redirecting headers based on configuration.	Inetsrv\Protsup.dll
RequestFilteringModule	Added in IIS 7.5. Filters requests as configured to control protocol and content behavior.	Inetsrv\modrqflt.dll
WebDAVModule	Added in IIS 7.5. Allows more secure publishing of content by using HTTP over SSL.	Inetsrv\WebDAV.dll

 

2.安全模塊

　　即在請求處理管理中，執行與安全相關的任務的模塊。根據身份驗證方案，選擇相應的模塊（各模塊是獨立的）。也包括URL驗證模塊和請求過濾模塊。

Module Name	Description	Resource
AnonymousAuthenticationModule	Performs Anonymous authentication when no other authentication method succeeds.	Inetsrv\Authanon.dll
BasicAuthenticationModule	Performs Basic authentication.	Inetsrv\Authbas.dll
CertificateMappingAuthenticationModule	Performs Certificate Mapping authentication using Active Directory.	Inetsrv\Authcert.dll
DigestAuthenticationModule	Performs Digest authentication.	Inetsrv\Authmd5.dll
IISCertificateMappingAuthenticationModule	Performs Certificate Mapping authentication using IIS certificate configuration.	Inetsrv\Authmap.dll
RequestFilteringModule	Performs URLScan tasks such as configuring allowed verbs and file name extensions,setting limits, and scanning for bad character sequences.	Inetsrv\Modrqflt.dll
UrlAuthorizationModule	Performs URL authorization.	Inetsrv\Urlauthz.dll
WindowsAuthenticationModule	Performs NTLM integrated authentication.	Inetsrv\Authsspi.dll
IpRestrictionModule	Restricts IPv4 addresses listed in the ipSecurity list in configuration.	Inetsrv\iprestr.dll
Module Name	Description	Resource
AnonymousAuthenticationModule	Performs Anonymous authentication when no other authentication method succeeds.	Inetsrv\Authanon.dll
BasicAuthenticationModule	Performs Basic authentication.	Inetsrv\Authbas.dll
CertificateMappingAuthenticationModule	Performs Certificate Mapping authentication using Active Directory.	Inetsrv\Authcert.dll
DigestAuthenticationModule	Performs Digest authentication.	Inetsrv\Authmd5.dll
IISCertificateMappingAuthenticationModule	Performs Certificate Mapping authentication using IIS certificate configuration.	Inetsrv\Authmap.dll
RequestFilteringModule	Performs URLScan tasks such as configuring allowed verbs and file name extensions, setting limits, and scanning for bad character sequences.	Inetsrv\Modrqflt.dll
UrlAuthorizationModule	Performs URL authorization.	Inetsrv\Urlauthz.dll
WindowsAuthenticationModule	Performs NTLM integrated authentication.	Inetsrv\Authsspi.dll
IpRestrictionModule	Restricts IPv4 addresses listed in the ipSecurity list in configuration.	Inetsrv\iprestr.dll

 

3.內容模塊

　　即在請求處理管理中，執行與內容相關的任務的模塊。包括處理靜態文件請求、返回默認頁面（未指定請求何資源時）、列舉文件夾等模塊。

Module Name	Description	Resource
CgiModule	Executes Common Gateway Interface (CGI) processes to build response output.	Inetsrv\Cgi.dll
DefaultDocumentModule	Attempts to return a default document for requests made to the parent directory.	Inetsrv\Defdoc.dll
DirectoryListingModule	Lists the contents of a directory.	Inetsrv\dirlist.dll
IsapiModule	Hosts ISAPI extension DLLs.	Inetsrv\Isapi.dll
IsapiFilterModule	Supports ISAPI filter DLLs.	Inetsrv\Filter.dll
ServerSideIncludeModule	Processes server-side includes code.	Inetsrv\Iis_ssi.dll
StaticFileModule	Serves static files.	Inetsrv\Static.dll
FastCgiModule	Supports FastCGI, which provides a high-performance alternative to CGI.	Inetsrv\iisfcgi.dll

 

4.壓縮模塊

　　即在請求處理管理中，有兩個模塊實現壓縮功能。

Module Name	Description	Resource
DynamicCompressionModule	Compresses responses and applies Gzip compression transfer coding to responses.	Inetsrv\Compdyn.dll
StaticCompressionModule	Performs pre-compression of static content.	Inetsrv\Compstat.dll

 

5.緩存模塊

　　即在請求處理管理中，執行與緩存相關的任務的模塊。緩存可以改善網站和應用程序的性能。它通過在服務器的內存中保存已經處理過的信息（比如網頁）來實現。如果后續的講求是請求相同的資源，則這些信息將被重復利用。

Module Name	Description	Resource
FileCacheModule	Provides user mode caching for files and file handles.	Inetsrv\Cachfile.dll
HTTPCacheModule	Provides kernel mode and user mode caching in HTTP.sys.	Inetsrv\Cachhttp.dll
TokenCacheModule	Provides user mode caching of user name and token pairs for modules that produce Windows user principals.	Inetsrv\Cachtokn.dll
UriCacheModule	Provides user mode caching of URL information.	Inetsrv\Cachuri.dll

 

6.日志和診斷模塊

　　即在請求處理管理中，執行與日志和診斷相關的任務和模塊。日志模塊支持加載自定義模塊，和向HTTP.SYS傳遞信息。診斷模塊在請求處理過程中，跟蹤並報告事件。

Module Name	Description	Resource
CustomLoggingModule	Loads custom logging modules.	Inetsrv\Logcust.dll
FailedRequestsTracingModule	Supports the Failed Request Tracing feature.	Inetsrv\Iisfreb.dll
HttpLoggingModule	Passes information and processing status to HTTP.sys for logging.	Inetsrv\Loghttp.dll
RequestMonitorModule	Tracks requests currently executing in worker processes and reports information with Runtime Status and Control Application Programming Interface (RSCA).	Inetsrv\Iisreqs.dll
TracingModule	Reports events to Microsoft Event Tracing for Windows (ETW).	Inetsrv\Iisetw.dll

 

7.托管支持模塊（Managed Support Modules）

　　即在請求處理管理中，有兩個模塊用於支持托管代碼集成（A couple of modules in IIS support managed integration in the IIS request-processing pipeline.）。

Module Name	Description	Resource
ManagedEngine	Provides integration of managed code modules in the IIS request-processing pipeline.	Microsoft.NET\Framework\v2.0.50727\webengine.dll
ConfigurationValidationModule	Validates configuration issues, such as when an application is running in Integrated mode but has handlers or modules declared in the system.web section.	Inetsrv\validcfg.dll

 

二、托管模塊（Managed Modules）

　　除本地模塊之外，IIS允許你使用托管代碼模塊來擴展IIS的功能。一些托管模塊會對應一個本地模塊（比如：UrlAuthorization）。這個本地模塊是可供替代的選擇。

　　托管模塊依賴於ManagedEngine模塊

Module Name	Description	Resource
AnonymousIdentification	Manages anonymous identifiers, which are used by features that support anonymous identification such as ASP.NET profile.	System.Web.Security.AnonymousIdentificationModule
DefaultAuthentication	Ensures that an authentication object is present in the context.	System.Web.Security.DefaultAuthenticationModule
FileAuthorization	Verifies that a user has permission to access the requested file.	System.Web.Security.FileAuthorizationModule
FormsAuthentication	Supports authentication by using Forms authentication.	System.Web.Security.FormsAuthenticationModule
OutputCache	Supports output caching.	System.Web.Caching.OutputCacheModule
Profile	Manages user profiles by using ASP.NET profile, which stores and retrieves user settings in a data source such as a database.	System.Web.Profile.ProfileModule
RoleManager	Manages a RolePrincipal instance for the current user.	System.Web.Security.RoleManagerModule
Session	Supports maintaining session state, which enables storage of data specific to a single client within an application on the server.	System.Web.SessionState.SessionStateModule
UrlAuthorization	Determines whether the current user is permitted access to the requested URL, based on the user name or the list of roles of which a user is a member.	System.Web.Security.UrlAuthorizationModule
UrlMappingsModule	Supports mapping a real URL to a more user-friendly URL.	System.Web.UrlMappingsModule
WindowsAuthentication	Sets the identity of the user for an ASP.NET application when Windows authentication is enabled.	System.Web.Security.WindowsAuthenticationModule