Audit and configuration of IIS web server

HTTP request flow inside Microsoft IIS

Classic ASP Logo - Active Server Pages

How to drastically improve IIS performance for Classic ASP

Microsoft IIS Settings adjustments

Improve speed and stability

Our IIS 7/8/10 web server configuration audit service consists of investigating your server infrastructure as well as all the used components that contribute to the exploitation of your ASP 3 based website. This process is aimed at identifying, reducing and / or eliminating the symptoms you have told us. The main goal is to bring you significant gains in speed, stability, as well as the load capacity of your application. Our service implements all human, technical, computer and documentary resources to achieve this objective.

Our IIS 7/8/10 configuration audit service

IIS websites modules auditing
IIS website HTTP compression configuration
IIS Application Pool configuration

When is an IIS configuration audit needed?

  • You are experiencing premature loss of sessions
  • Accessing your Classic ASP websites / applications is slow
  • Accessing your Classic ASP websites / applications does not support scalability when too many visits occurs
  • Your ASP website encounters too many HTTP 500 errors "Internal Server Error"
  • Your ASP website encounters frequent HTTP 503 errors "Service Unavailable" or "Server Too Busy"
  • You need to improve IIS Application Pools recycling
  • The security of your application does not meet your expectations

We know how to deal with the following layers of your infrastructure:

Microsoft® IIS
ASP Classic
ActiveX Components
Windows Server 2003/2008
Windows Server 2016 / 2019 / 2022

Veeam BR
VMWare ESXi (vSphere Hypervisor)

Microsoft SQL Server

Microsoft® JScript
Microsoft® Access
LJW LogAnalyzer®


Our IIS server audit and diagnostics methodology

  1. Windows Server properties

    Description of the concerned infrastructure:

  2. Description of problems encountered by Microsoft Internet Information Services

    Description of the encountered symptoms:

  3. IIS Application Pools examination
    IIS URL length
    Microsoft IIS Request filtering

    Audit and detailed diagnosis of IIS:

    • Review the general configuration of your Windows server,
    • Review of the general IIS Web server configuration,
    • Examination of the specific concerned website configuration,
    • Examination of the IIS Application Pool(s) running your ASP code, including parameters affecting the sessions management and duration, queue limits management, memory management, temporary files parameters, Application pool(s) recycling conditions, Handlers order, compression parameters, cache rules, URL rewriting parameters,
    • Examination of the System.WebServer configuration, including properties referring to requests limits, HTTP responses, session-related properties, concurrent connections and scripts execution timeout parameters,
    • Review of the HTTP web server registry keys and values.
  4. Review of the Windows Event Log for IIS
    Review of the Microsoft IIS logs
    Review of the HTTP.SYS logs
    Error monitoring and reporting with LJW LogAnalyzer®

    Analysis of the Windows Events, IIS & HTTP logs:

  5. IIS configuration Audit report

    Detailed analysis report:

  6. Precautions before applying changes to IIS

    Changes Scheduling

  7. List of parameters to modify to improve IIS performance

    IIS Configuration tuning

  8. Post-action Control and tracking

IIS configuration Audit report
Precautions before applying changes to IIS
Recommendations to boost IIS performance
Recommendations to boost IIS performance
Auditing IIS with LJW Loganalyzer®
Protect an IIS website with web.config
Tuning HTTP.SYS registry keys
Optimize IIS with WMI

Limits of our IIS configuration audit service

Analyze IIS in Performance Monitor

IIS performance in Task Manager
COM+ resources management in Classic ASP scripts

We tune your IIS configuration methodically

We know that going "rummage" through the arcanes of the "Configuration Editor" and the "applicationHost.config" files is a delicate operation that need to be performed with calm, method and precaution. For this reason, each of the optimizations we make is based on a specific argument coming from the report we give you following the audit of your actual configuration. We then apply changes in a structured way and in a prioritized manner.

Precautions before applying changes to IIS

We provide a rollback plan

Although our experience makes us sure of our recommendations, we know that no change is magic, and that edge cases can always occur. That's why we work with your IT teams to prioritize our recommendations and establish a secure deployment schedule so that the consequences of each change can be tracked and evaluated before continuing to apply further optimizations. In addition, to provide optional rollbacks abilities, all applied tuning and their implementation date are recorded, as well as the effects and consequences noted as output. This way, nothing is definitive or irreversible.

A preserved integration of your COM+ components

Advanced "web.config" rules

Windows Server installation and configuration
& migration to Windows Server 2016/2019/2022

We respect an absolute privacy

We know that giving us an access to your production servers is one of the most important decisions. Your critical applications must not suffer from any approximation, nor never be at risk. That is why, as part of each of our IIS server audit engagements, we redact a written document in which we explicitly commit ourselves to many points. This document is aimed at clarify our intervention perimeter with your IT department and your legal department.

  • During the audit and diagnostic phase, we will not make any changes to your system, configuration, data, or source code. As a result, no malfunction can be attributed to us during this analysis phase, and your application will continue to operate in its initial state.
  • We are committed to maintaining strict a confidentiality and an absolute security regarding all information to which we will have access, including: your source code, your infrastructure and the software you operate, the configuration of your system, your business data, access codes that you will communicate to us.
  • We respect a full transparency towards you regarding the requested service providers. We prohibit ourselves from subcontracting any portion of our services to a third party, except in the case of an explicit agreement with you, specifically mentioning the concerned parts of the work.
  • Being fully aware of the criticality of your infrastructure and data for your business, we officially commit ourselves to :
    • Only download the files we need, and do not keep any copies after, —according to your choice—, the date of delivery of our recommendations, or the closing date of our corrective action application,
    • Allow access to your server to only one member of our team, whose a copy of the ID Card will be communicated to you, and to only work in normal fatigue and lucidity conditions, by banishing the use of any psychoactive substance of any type,
    • Only store any downloaded data and access codes on a single workstation in our own office, running a "Non-Windows" operating system (Linux or MacOS), password-protected, accessible to the sole member of our team in charge of auditing your server, secured with licensed and up-to-date Antivirus software plus a bi-directional firewall regularly updated and configured in "Paranoid" mode. We guarantee you that no external access to this workstation is possible,
    • Access your data, servers and tools only from a private internet access whose characteristics and IP address will be communicated to you before the beginning of our audit mission,
    • Never access, under any circumstances, your data, servers and tools from another unsecured connection (public WIFI, HotSpot, ...) than the above-mentioned connection on the previous point,
    • Under no circumstances assign or disclose, with or without charge or compensation, all or part of the data, access codes, specific features or configurations of your system to any third party, whatever the current or future circumstances,
    • Never use, for a permanent and unlimited duration, all or part of the source code of your application for one of our current or future developments, for our own services or one of our other customers, whether in our current legal form, or any other legal form that we may adopt in the future.
  • As a result, the only benefits that we allow ourselves to draw from this work for you, are:
    • The perception of the financial emoluments agreed in our estimates/quotes,
    • An improvement of our technical knowledge, of which nothing will never allow to identify your entity.

Privacy preferencesYour privacy preferences
Your privacy is precious: we respect it.

NOTE: Your changes will be applied from the next page you will visit/load.

By using this website, you consent that we use technologies such as anonymous statistics and cookies to improve your browsing experience on our site, customise content, and analyse our traffic. This anonymous information may be shared with our trusted social media and analytics partners.

  • We do not collect any nominative data.
  • We do not store any password.
  • We use a high-end secure connection.