IIS has 2 Modes, Kernal Mode & User mode
In Kernal mode, we have “HTTP.SYS” is also called as HTTP request listeners or HTTP protocol stag or Kernel Mode device driven, It will listen for HTTP Request coming to IIS and dispatch them to corresponding application pool requests . HTTP.sys will maintain separate queue for each application pool
in User mode we have application pools. Http.sys will send the requests from kernal mode to user mode through Application pool queue.
Https.Sys will get the configuration from applicationhost.config and w3svc service will help in fetching that configuration
What is Difference between Kernel Mode & User Mode? - CLICK HERE
There are different components in IIS:
HTTP.sys: At the core of IIS architecture is the HTTP.sys kernel-mode driver. This component is responsible for receiving and processing incoming HTTP requests. It's the first point of contact for all incoming web traffic and acts as a listener for HTTP requests. HTTP.sys provides features like request queuing, SSL/TLS encryption, and IP address filtering.
Application Pools: Application pools are isolated environments that host one or more web applications. Each application pool runs in its own worker process (w3wp.exe), providing isolation, resource management, and security. Application pools help prevent one application's issues from affecting others and allow administrators to configure settings for recycling, runtime versions, and more.
Worker Process (w3wp.exe): A worker process is a dedicated instance of an application pool that runs web applications. It processes incoming requests, executes server-side code, and returns responses. Each worker process operates independently, serving one or more web applications within its associated application pool.
Modules and Handlers: IIS uses modules and handlers to process and manage various types of requests. Modules are responsible for adding functionality to IIS, such as authentication, compression, caching, and URL rewriting. Handlers are specific to processing different types of requests, like static files (e.g., HTML, CSS) or dynamic content (e.g., ASP.NET pages).
Configuration System: IIS configuration is stored in XML-based configuration files (e.g., applicationHost.config, web.config) that define settings for the server, websites, and applications. The configuration system allows administrators to control various aspects of IIS behavior, such as security, authentication, compression, and more.
URL Routing and Rewrite: IIS supports URL routing and rewriting, allowing administrators to define custom URL patterns and rules for redirecting or rewriting incoming requests. This is useful for creating search-engine-friendly URLs or handling URL changes during site migrations.
Authentication and Authorization: IIS provides authentication mechanisms (e.g., Basic, Digest, Windows, Forms) to verify user identities. Authorization rules determine which users or groups have access to specific resources based on their roles or permissions.
Logging and Diagnostics: IIS captures detailed information about web requests and server events in log files. These logs are crucial for monitoring server performance, diagnosing issues, and analyzing traffic patterns.
Global and Site-Level Configuration: IIS architecture supports global settings that apply to the entire server and site-level settings that are specific to individual websites. This separation allows administrators to configure server-wide features and customize settings for each site.
Extensions and Add-Ons: IIS can be extended through various modules, components, and add-ons that enhance its capabilities. For example, ASP.NET and PHP frameworks are integrated with IIS to enable dynamic web application development.
Overall, the IIS architecture is designed to provide a scalable, secure, and high-performance platform for hosting web applications and services, catering to various business and technical requirements.