Article ID: 326086 - Last Review: July 7, 2008 - Revision: 5.2

HOW TO: Isolate Web Applications into Their Own Process

View products that this article applies to.
This article was previously published under Q326086
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspx (http://www.microsoft.com/technet/security/prodtech/IIS.mspx)
For more information about IIS 7.0, visit the following Microsoft Web site:
http://www.iis.net/default.aspx?tabid=1 (http://www.iis.net/default.aspx?tabid=1)

On This Page

Expand all | Collapse all

SUMMARY

This step-by-step article describes how to isolate applications in Internet Information Server (IIS) 4.0 and Internet Information Services (IIS) versions 5.0 and later in their own respective processes.

In this article, all isolation steps are performed at the Web site level instead of at the virtual directory level. If an application must be isolated at the virtual directory level, follow the same steps, but use the Virtual Directory tab instead of the Home Directory tab.

Back to the top

IIS 4.0

  1. Click Start, point to Program Files, click Windows NT 4.0 Option Pack, click Microsoft Internet Information Server, and then click Internet Service Manager.
  2. In the Internet Service Manager (ISM), right-click the Web site that you want to isolate, and then click Properties.
  3. In the Web site Properties dialog box, click the Home Directory tab.
  4. On the Home Directory tab, click to select the Run in separate memory space check box.
  5. Click OK.

    Note Because the IIS services are already running and the site is currently in the Inetinfo (Inetinfo.exe) process, you must restart the IIS services. You do not have to do this right away. To do this, follow these steps:
    1. Click Start, click Run, type cmd, and then click Run.
    2. At the command prompt, type net stop iisadmin /y.
    3. When the services have stopped, type the following to restart each individual service that is installed:
      • WWW: net start w3svc
      • File Transfer Protocol (FTP): net start msftpsvc
      • Simple Mail Transfer Protocol (SMTP): net start smtpsvc
      • Network News Transfer Protocol (NNTP): net start nntpsvc
Back to the top

IIS 5.0

  1. Click Start, point to Program Files, point to Administrative Tools, and then click Internet Services Manager.
  2. In the ISM, right-click the Web site that you want to isolate, and then click Properties.
  3. In the Web site Properties dialog box, click the Home Directory tab.
  4. Under Application Settings, click High (Isolated) in the Application Protection drop-down list.
  5. Click OK.

    Note You do not have to restart IIS services for this change to take effect. The Web server will finish processing any current requests for the application before creating a separate process. At the next request for the application, it will run in a separate memory space.
Back to the top

IIS 5.1

  1. Click Start, click Control Panel, point to Administrative Tools, and then click Internet Information Services.
  2. In the Internet Information Services Manager (ISM), right-click the Web site that you want to isolate in its own process, and then click Properties.
  3. In the Web site properties, click the Home Directory tab.
  4. Under Application Settings, click High (Isolated) in the Application Protection drop-down list.
  5. Click OK.

    Note You do not have to restart IIS services for this change to take effect. The Web server will finish processing any current requests for the application before creating a separate process. At the next request for the application, it will run in a separate memory space.

Back to the top

REFERENCES

324464  (http://support.microsoft.com/kb/324464/ ) Support WebCast: Microsoft Internet Information Server Process Model
For the Microsoft PowerPoint presentation only, visit the following Microsoft Web site:
http://support.microsoft.com/servicedesks/webcasts/wc062602/WC062602.ppt (http://support.microsoft.com/servicedesks/webcasts/wc062602/wc062602.ppt)
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:
279729  (http://support.microsoft.com/kb/279729/EN-US/ ) Web Pages Not Serving from IIS
297989  (http://support.microsoft.com/kb/297989/EN-US/ ) PRB: Configured Identity Is Incorrect for IWAM Account
294774  (http://support.microsoft.com/kb/294774/EN-US/ ) MS01-044: IIS Loads ISAPI Extension In-Process Even When Application Is Marked for High Isolation
290884  (http://support.microsoft.com/kb/290884/EN-US/ ) HOWTO: Determine Which Application Is Running Within a COM+ or Transaction Server Package
Back to the top
APPLIES TO
  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Services version 5.1
Back to the top
Keywords: 
kbhowtomaster KB326086
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations

 

Related Support Centers