Most IIS administrators are aware that IIS (versions 4.0, 5.0—and soon—6.0) can host multiple Web sites on one machine. The most common implementation of hosting multiple Web sites is to dedicate a single IP address to each Web site. The least common approach is to assign a unique port number to each Web site. A third and very viable alternative is to assign host header names (often referred to as host headers) to each Web site. You can use host headers to host multiple domain names from a single IP address. Host headers let IIS snatch a host name out of the HTTP header that the browser sends to the server. For example, if I type http://www.InterKnowlogy.com/aboutUs/PressRelease.asp in my browser, the IIS 5.0 server that services the request extrapolates www.InterKnowlogy.com as the host header and routes the request to the proper Web site. Some very old browsers don't support the HTTP 1.1 protocol, so they can't send host names in the header. But those browsers are few and far between; even the Macintosh version of Netscape 2.0.2 supports host headers.
You'll need to configure and host some form of name resolution, such as DNS, to make sure requests from your site are properly routed to your Web server. You'll also need to stop Default Web Site because it responds to all assigned IP addresses by default. Or you can assign a host header to Default Web Site and force it to respond to a single IP address. I don't recommend this approach because IIS add-on packages (such as Microsoft Proxy Server) expect the default Web site to use the IP address of All Unassigned.
Follow these steps to assign host headers:
Run Internet Service Manager (ISM) (Start, Programs, Administrative Tools, Internet Service Manager).
To add each Web site to your server, right-click the server name in ISM, click New, then click Web Site. Follow the wizard to create the site(s).
Right-click one of the Web sites that will use host headers, then click Properties.
On the Web Site tab, select the IP address all the sites will use. You'll probably keep the default of TCP Port 80, the port that services the HTTP requests.
Click Advanced next to the IP Address. In the "Multiple identities for this Web Site" list, select the Web site identity, click Edit, then add the desired host header (e.g., www.win2000mag.com). NOTE: If you want this Web site to respond to more than one host header (e.g., www.win2000mag.com and www.iisadministrator.com), use the Add button to add other identities to this list using the same IP address and port. You'll need to set up some form of name resolution (such as DNS) for each identity.
Click OK three times to apply the change(s).
Stop, then start the Web site.
Repeat steps 3 through 7 for the remaining Web sites.
Now you're ready to run a test. Grab a browser and navigate to your sites using the host headers. The browser will open the appropriate Web sites as applicable.
Using host headers has one drawback—IIS doesn't support Secure Sockets Layer (SSL) with host headers. IIS encrypts the HTTP header when it routes the request, so it can't determine the host header it needs to route to the correct Web site. Because IIS has to decrypt the SSL key anyway, it should be smart enough to perform the encryption during routing by rotating through the key types until it successfully decrypts the host header from the body of the encrypted HTTP header. But it doesn't. A really sharp Internet Server API (ISAPI) developer could probably do just that, but that level of development pain probably isn't worth the effort; simply dedicating an IP address to each Web site overcomes the SSL problem.
End of Article
The article states that the Default Web site must be stopped or it can be set up with host headers also. We have the host headers set for most of our sites, while the default site responds to all queries that don't go to one of the host header sites. This doesn't seem to have been a problem, but does anyone know why it may be, or how the problem may manifest itself?
Also, since we are fortunate to have a domain name that was not being used for another purpose, we used it for SSL use. It seemed to work in testing, but has not been operationally tested yet. Anyone see a problem with that?
M. Wright May 30, 2001
We also have successfully made the default website respond to All Unassigned IP addresses even with many of the sites in IIS 5 having host headers. The good thing about this scenario from a web host's point of view is that instead of visitors getting a 404 page when a client has not changed their nameservers or has forgotten to renew their domain name's registration, the web host gets the traffic instead of a phone saying their site is offline.
Regarding M. Wright's question of their being a problem with assigning a separate domain name for use with SSL, I am at a loss as to what he is referring. However, if he is saying that IIS5 can be configured such that a separate domain name can be say the "secure.avehost.com" instance for SSL while avehostB.com is a host header site using the same ip, sure, as long as a certificate binding and use of ssl is restricted to the secure.avehost.com domain and is not used on the avehostB.com domain. This still leaves the problem of how to make ssl work on both secure.avehost.com and avehostB.com.
Chris Kipple, CEO, AveHost.com August 30, 2001
Thanks for this useful information.
Tuncay Besikci February 13, 2004
That was really useful. Got it working in 2 minutes!
Tristan May 03, 2004
How do you view web pages with headers over the same network your web server is on?
kpeters June 03, 2004
Wow this article help me fixed me problem in 2 minute. Thx for that! Really appreciate it.
Alex June 23, 2004
Hey, that worked like a charm. Thanks a lot!
Cheers Neil
Neil June 25, 2004
Dude, you should really say what software is required for this article. I read the whole article and then spent hours trying to implement it. You could have saved everbody a lot of time if you said it only works on windows 2000 SERVER. how friggin basic is that for a technology article--where is your brain. Warning to all you running windows xp--this will not work for you!!
tomandlis July 24, 2004 (Article Rating: )
Dude, you should really read the DATE on the article. You could have saved yourself a lot of time if you noticed that this article was written BEFORE Windows XP was even released. Clue 1: He refers to his version of IIS as 5.0 Clue 2: He refers to version 6 of IIS as something that will be coming out "soon." Clue 3: The article is dated May 2001. How friggin obvious is that? Next I suppose we will need disclaimers on all web sites explaining that they don't magically update every article in existence each time MS releases a new version.
Warning to all you running windows xp--Don't try to apply articles written three and a half years ago to your systems and expect them to work.
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
When Microsoft announced its Windows Live OneCare security and PC health product over five years (as MSN OneCare), Symantec, McAfee, and the other consumer-oriented security vendors reacted with stunning vigor. ...
Get Mark Minasi’s Windows Server 2008 Audio CDs "Windows expert, consultant and best-selling author Mark Minasi shows you if 2008 is right for you and, if so, how to get the most out of it!
Take Control of Your Email Optimize your email storage – Download this white paper to learn key how-to’s in email storage management.
Get Windows IT Pro To Go! The Windows IT Pro Magazine Master CD is a powerful combination of content and convenience. Order now, and save up to 25%--plus you’ll get online access to new articles each and every month! Subscribe today!
)
)
Register
Also, since we are fortunate to have a domain name that was not being used for another purpose, we used it for SSL use. It seemed to work in testing, but has not been operationally tested yet. Anyone see a problem with that?
M. Wright May 30, 2001