Monday, 2 May 2016

How to host PHP web application on IIS web server

Although I work as a desktop application developer I talked the other day about PHP language with one of my colleagues who is a web developer. Having at home a Windows machine which comes with IIS web server (IIS10 on Win10), I became curious about what would it take to create a simple PHP web application and host it on IIS. I decided to make a single PHP page which would display the public IP address of the host which sends request.

And here we go. I googled for a simple PHP code which echoes the IP address of the client so all credits for the code below go to the guy who answered the following question on StackOverflow: How to get the client IP address in PHP?

main.php:


Index page in PHP world might have a different standard name and I am sure this code should be rearranged and optimized but I am leaving it as it is as my goal is to make fast proof of concept.

It has been a while since I touched IIS web server last time but I remember I could add a web application under the Default Web Site. Each web application has its own directory at path c:\inetpub\wwwroot so we can save main.php at a new directory: c:\inetpub\wwwroot\WhatIsMyIp. We can then add a new application:



When IIS receives request for PHP page, it has to forward it to PHP engine which would process it. This engine is actually PHP language binding for FastCGI protocol which comes as an executable (php-cgi.exe) within a PHP pack for Windows which can be downloaded from http://windows.php.net/download/. Side note on that page says "If you are using PHP as FastCGI with IIS you should use the Non-Thread Safe (NTS) versions of PHP." so I downloaded the latest version (php-7.0.6-nts-Win32-VC14-x64.zip at the moment...) and unpacked it into arbitrary location e.g. c:\PHP\php-7.0.6-nts-Win32-VC14-x64\.

CGI has to be enabled on IIS and this can be done in Windows Features. If we click on Windows start button and type Turn Windows features on and off, Windows Features window opens. We have to go to Internet Information Services, World Wide Web Services, Application Development Features and select (tick) CGI item:



We can now add a PHP CGI handler to our website in IIS:


We also have to make sure that World Wide Web Publishing Service (W3SVC) is running:


If IIS server and Default Web Site are started, we can test our web application from the local browser:


In order to allow accessing this web site from other devices on the same LAN we have to set Inbound rule on the firewall running on the IIS host. In case of Windows Firewall we can simply enable predefined rule World Wide Web Services (HTTP Traffic-In):


I am using default port for HTTP traffic (TCP port 80) so this rule will allow all incoming packets destined for IIS host and port 80 to reach IIS process - the one which listens to HTTP requests on that port.

If we want to access website hosted on another device within the same LAN we have to know what's its IP address (or hostname if we would set up some DNS resolution within this LAN or on the client device). ipconfig command run on IIS host outputs 192.168.0.3 as its IP.

If we open browser on another device which is on the same LAN and type http://192.168.0.3/WhatIsMyIp we'll get the following:



Obviously, all IP addresses we got are their IP addresses within the same LAN because so far both server and clients were on the same network. All devices behind router have the same public IP address which is the WAN (public) address of the router. This address is usually assigned by the ISP.

The true test would be if we try to load this page from a browser on a device which is not on this network. In order to allow accessing this web site from devices which are not on the same LAN, we have to enable port forwarding for HTTP traffic on the router behind which is host with our IIS server. That could look like this:


If WAN address of this router is e.g. 74.90.112.208 we can call our web app from e.g. mobile device connected to Internet via mobile 3G or 4G interface by typing in the browser: http://74.90.112.208/WhatIsMyIp.


4 comments:

Nicole said...

https://www.offshorededi.com offers high quality DMCA Ignored Hosting. We make offshore hosting simple for you to use with reliable servers and one-click installers.

Nicole said...

Get 100% Anonymous offshore hosting from webcare360.com who standout amongst the most experienced dmca ignored hosting providers in the industry.

micheal pan said...

BE SMART AND BECOME RICH IN LESS THAN 3DAYS....It all depends on how fast 
you can be to get the new PROGRAMMED blank ATM card that is capable of
hacking into any ATM machine,anywhere in the world. I got to know about 
this BLANK ATM CARD when I was searching for job online about a month 
ago..It has really changed my life for good and now I can say I'm rich and 
I can never be poor again. The least money I get in a day with it is about 
$50,000.(fifty thousand USD) Every now and then I keeping pumping money 
into my account. Though is illegal,there is no risk of being caught 
,because it has been programmed in such a way that it is not traceable,it 
also has a technique that makes it impossible for the CCTVs to detect 
you..For details on how to get yours today, email the hackers on : (
atmmachinehackers1@gmail.com ). Tell your 
loved once too, and start to live large. That's the simple testimony of how 
my life changed for good...Love you all ...the email address again is ;
atmmachinehackers1@gmail.com

Jack son said...

In shared web facilitating, every one of the sites in the worker share a similar circle (plate space), a similar processor, a similar RAM, a similar IP and data transfer capacity and above all they share a similar working framework.
https://onohosting.com/