Wade Hilmo

In my last post, I gave a bit of background on the Application Warm-Up module, now called Application Initialization.  This week, I would like to go into more detail as to what the Application Initialization module does, and how you should think about using it.

“IIS is a demand-driven web server, i.e. IIS does things only when asked for…”

Recently, the question came up about why it is not possible for IIS to handle a URL that contains a ‘%’ character that is not part of an escape sequence.  The resulting discussion produced some informative references to the relevant RFC documents and also included some anecdotes on URL canonicalization.

It’s been a busy few days on the IIS Security Team.

We've had a few people on our forums asking about running Perl on IIS 7. This led to some discussion on the team about getting it to work with FastCGI.

2008 has been a busy year for attackers exploiting SQL Injection vulnerabilities in web applications.  Once again, I am finding questions about this subject in my inbox.

This article is specific to IIS 7 and later.  If you are using IIS 6.0 or earlier, please see this article.

This article is specific to IIS 6 and earlier.  If you are using IIS 7.0 or later, please see this article.