Deploying ASP.NET applications on IIS is an essential task for developers working in Windows environments. In this tutorial, I'll guide you step-by-step on how to deploy both ASP.NET Framework and ASP.NET Core applications on IIS, including setting up custom domains, SSL certificates, and more.
Prerequisites
Before starting, make sure you have the following:
- IIS installed on your server or local machine.
- Published ASP.NET application (either .NET Framework or .NET Core).
- A custom domain (optional but recommended for production).
- An SSL certificate (optional but essential for HTTPS).
- Administrator permissions on the server.
Step 1: Install IIS and Required Tools
1.1 Install IIS
- Open the Control Panel and select Programs > Turn Windows features on or off.
- Look for Internet Information Services (IIS) and check the box to install it.
- Make sure to include the following features:
- ASP.NET (for .NET Framework applications).
- ASP.NET Core Module (for .NET Core applications).
- CGI (only if you need to run additional applications).
1.2 Install .NET Runtime (Only for ASP.NET Core)
If your application is ASP.NET Core, you need to install the corresponding runtime:
- Download the runtime from the official .NET website.
- Install the version that matches your application.
Step 2: Publish the ASP.NET Application
2.1 Publish from Visual Studio
- Open your project in Visual Studio.
- Right-click on the project and select Publish.
- Configure the publishing profile:
- Folder: Publish to a folder on your server.
- IIS: Publish directly to IIS if you have a publishing profile configured.
2.2 Prepare the Published Files
- Copy the published files to a folder on the server (e.g.,
C:\Applications\MyAppASP). - Ensure the folder has read and execute permissions for the
IIS_IUSRSuser.
Step 3: Create a Site in IIS
3.1 Create the Site
- Open IIS Manager (press
Win + Rand typeinetmgr). - Right-click on Sites (left panel) and select Add Website.
- Configure the following:
-
Site name: A descriptive name (e.g.,
MyAppASP). - Physical path: Select the folder where the published files are located.
-
Binding: Configure the port (80 for HTTP or 443 for HTTPS) and host name (your custom domain, e.g.,
myapp.com).
-
Site name: A descriptive name (e.g.,
3.2 Configure Bindings
Bindings are essential to associate a website with an IP address, port, and domain name.
- In IIS Manager, select the site you just created.
- In the right panel, click on Bindings.
- Add a new binding for HTTPS if needed:
-
Type:
httpsorhttp. -
Port:
443or80. -
Host name:
myapp.com. - SSL certificate: Select your installed certificate.
-
Type:
Step 4: Configure the ASP.NET Module
4.1 For .NET Framework Applications
- Ensure ASP.NET is installed in IIS.
- In IIS Manager, select the website.
- In the center panel, double-click on Modules.
- Verify that the ASP.NET module is present and enabled.
4.2 For .NET Core Applications
- Ensure the ASP.NET Core Module is installed in IIS.
- In IIS Manager, select the website.
- In the center panel, double-click on Modules.
- Verify that the ASP.NET Core Module is present and enabled.
Step 5: Configure the Hosts File (Optional for Local Testing)
If you're testing locally and want to use a custom domain, you need to add an entry to the hosts file.
- Open Notepad as an administrator.
- Go to File > Open and navigate to: C:\Windows\System32\drivers\etc\hosts
Copy
- Add a new line at the end of the file with the format: 127.0.0.1 myapp.com
Copy
(Replace 127.0.0.1 with your server's IP if working on a network).
- Save the file.
Step 6: Configure Permissions and Security
6.1 Folder Permissions
- Right-click on the application folder and select Properties.
- Go to the Security tab and add the
IIS_IUSRSuser with read and execute permissions.
6.2 Authentication in IIS
- In IIS Manager, select the website.
- In the center panel, double-click on Authentication.
- Enable Anonymous Authentication if needed.
- If additional authentication is required, enable Windows Authentication or Basic Authentication.
Step 7: Configure SSL Certificate (Optional but Recommended)
7.1 Obtain an SSL Certificate
- You can get a free certificate from Let's Encrypt or purchase a commercial one.
- Install the certificate on the server.
- Associate it with the HTTPS binding.
Step 8: Test the Application
- Start the site in IIS (select the site and click Start in the right panel).
- Open a browser and visit your application's URL (e.g.,
https://myapp.com). - Verify that the application loads correctly and the SSL certificate is active (green lock in the address bar).
Configure HTTP to HTTPS Redirects in IIS
When deploying an application in production, it's a good practice to redirect all HTTP traffic to HTTPS to ensure secure connections. Here's how to do it in IIS, either through the web.config file or via a reverse proxy.
Option 1: HTTP to HTTPS Redirect in web.config
You can configure the redirect directly in the web.config file of your ASP.NET application. This method is ideal if you're not using a reverse proxy.
Steps:
- Open the
web.configfile of your application. - Add the following URL rewrite rules inside the
<system.webServer>section:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="HTTP to HTTPS Redirect" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
Explanation
Option 1: HTTP to HTTPS Redirect in web.config
When configuring a redirect in the web.config file, the following rules are applied:
-
<match url="(.*)" />: Captures all URLs. -
<conditions>: Checks if the request is not HTTPS ({HTTPS} = off). -
<action type="Redirect" />: Redirects to the same URL but withhttps://.
This method is ideal if you're not using a reverse proxy and want to handle the redirect directly within your ASP.NET application.
Option 2: HTTP to HTTPS Redirect in a Reverse Proxy
If you're using a reverse proxy (like Apache, Nginx, or Azure Application Gateway), the redirect should be configured in the proxy, not in IIS. This avoids conflicts and ensures traffic is handled correctly.
Example with Nginx
- Open the Nginx configuration file (e.g.,
/etc/nginx/nginx.confor/etc/nginx/sites-available/default). - Add the following configuration to redirect HTTP to HTTPS:
server {
listen 80;
server_name myapp.com;
# Redirect all HTTP traffic to HTTPS
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name myapp.com;
# SSL configuration
ssl_certificate /path/to/certificate.crt;
ssl_certificate_key /path/to/private.key;
# Pass traffic to IIS
location / {
proxy_pass http://localhost:80; # Adjust the port if necessary
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Explanation
First
serverblock: Redirects all HTTP traffic (port 80) to HTTPS (port 443).
This ensures that any request coming over HTTP is automatically upgraded to a secure HTTPS connection.Second
serverblock: Handles HTTPS traffic and redirects it to IIS.
This block manages the secure traffic and ensures it is properly routed to your application.
Why Can't You Have Both Configurations at the Same Time?
If you configure the redirect in both web.config and the reverse proxy, conflicts and unexpected behaviors may occur, such as:
- Double redirection: The browser might receive multiple redirect instructions, causing errors or infinite loops.
- Loss of information: Headers or other request data might be lost during the redirect process, leading to broken functionality.
Recommendation
If you use a reverse proxy:
Configure the HTTP to HTTPS redirect in the proxy (e.g., Nginx, Apache) and disable any redirects in IIS. Avoid using the rewrite rule inweb.configto prevent conflicts.If you don't use a reverse proxy:
Configure the redirect in theweb.configfile of your application. This ensures that IIS handles the redirection directly.
Top comments (0)