IIS (Internet Information Services) Analyzer Tool

/0 Comments/in /by 
<#
.SYNOPSIS
IIS (Internet Information Services) Analyzer Tool

.DESCRIPTION
This script analyzes and audits IIS configurations, including websites, application pools,
bindings, SSL certificates, and other related settings on Windows Servers.

.NOTES
File Name      : IISAnalyzer.ps1
Author         : [Your Name]
Prerequisite   : PowerShell V5.1 or later, WebAdministration module, and appropriate permissions
Version        : 1.0
Date           : [Current Date]

.EXAMPLE
.\IISAnalyzer.ps1
#>

# Check if WebAdministration module is available
if (-not (Get-Module -ListAvailable -Name WebAdministration)) {
    Write-Host "WebAdministration module not found. Please ensure IIS is installed with management tools." -ForegroundColor Red
    exit
}

# Import required module
Import-Module WebAdministration

# Global variables
$global:reportPath = "$env:USERPROFILE\Desktop\IIS_Analysis_Report_$(Get-Date -Format 'yyyyMMdd_HHmmss').html"

<#
.SYNOPSIS
Displays the main menu of the tool.
#>
function Show-Menu {
    Clear-Host
    Write-Host "=== IIS Analyzer Tool ===" -ForegroundColor Cyan
    Write-Host "1. Analyze Websites"
    Write-Host "2. Review Application Pools"
    Write-Host "3. Analyze Bindings and SSL Certificates"
    Write-Host "4. Check Virtual Directories"
    Write-Host "5. Review HTTP Response Headers"
    Write-Host "6. Analyze Authentication Settings"
    Write-Host "7. Check Logging Configuration"
    Write-Host "8. Generate Comprehensive HTML Report"
    Write-Host "9. Exit"
}

<#
.SYNOPSIS
Analyzes IIS Websites.

.OUTPUTS
Array of PSObjects containing Website details.
#>
function Analyze-Websites {
    Write-Host "`nAnalyzing Websites..." -ForegroundColor Yellow
    $websites = Get-Website
    $results = @()
    foreach ($site in $websites) {
        $results += [PSCustomObject]@{
            Name = $site.Name
            ID = $site.ID
            State = $site.State
            PhysicalPath = $site.PhysicalPath
            ApplicationPool = $site.ApplicationPool
            Bindings = ($site.Bindings.Collection | ForEach-Object { "$($_.Protocol)/$($_.BindingInformation)" }) -join ", "
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Reviews Application Pools.

.OUTPUTS
Array of PSObjects containing Application Pool details.
#>
function Review-ApplicationPools {
    Write-Host "`nReviewing Application Pools..." -ForegroundColor Yellow
    $appPools = Get-IISAppPool
    $results = @()
    foreach ($pool in $appPools) {
        $results += [PSCustomObject]@{
            Name = $pool.Name
            State = $pool.State
            ManagedRuntimeVersion = $pool.ManagedRuntimeVersion
            ManagedPipelineMode = $pool.ManagedPipelineMode
            StartMode = $pool.StartMode
            IdentityType = $pool.ProcessModel.IdentityType
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Analyzes Bindings and SSL Certificates.

.OUTPUTS
Array of PSObjects containing Binding and SSL Certificate details.
#>
function Analyze-BindingsAndSSL {
    Write-Host "`nAnalyzing Bindings and SSL Certificates..." -ForegroundColor Yellow
    $websites = Get-Website
    $results = @()
    foreach ($site in $websites) {
        foreach ($binding in $site.Bindings.Collection) {
            $cert = $null
            if ($binding.Protocol -eq "https") {
                $cert = Get-ChildItem -Path "Cert:\LocalMachine\My" | Where-Object {$_.Thumbprint -eq $binding.CertificateHash}
            }
            $results += [PSCustomObject]@{
                Website = $site.Name
                Protocol = $binding.Protocol
                BindingInfo = $binding.BindingInformation
                SSLThumbprint = if ($cert) { $cert.Thumbprint } else { "N/A" }
                SSLExpirationDate = if ($cert) { $cert.NotAfter } else { "N/A" }
            }
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Checks Virtual Directories.

.OUTPUTS
Array of PSObjects containing Virtual Directory details.
#>
function Check-VirtualDirectories {
    Write-Host "`nChecking Virtual Directories..." -ForegroundColor Yellow
    $vdirs = Get-WebVirtualDirectory
    $results = @()
    foreach ($vdir in $vdirs) {
        $results += [PSCustomObject]@{
            Name = $vdir.Name
            PhysicalPath = $vdir.PhysicalPath
            Application = $vdir.Application
            Website = $vdir.Website
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Reviews HTTP Response Headers.

.OUTPUTS
Array of PSObjects containing HTTP Response Header details.
#>
function Review-HTTPResponseHeaders {
    Write-Host "`nReviewing HTTP Response Headers..." -ForegroundColor Yellow
    $websites = Get-Website
    $results = @()
    foreach ($site in $websites) {
        $headers = Get-WebConfigurationProperty -Filter "system.webServer/httpProtocol/customHeaders" -PSPath "IIS:\Sites\$($site.Name)" -Name "."
        foreach ($header in $headers.Collection) {
            $results += [PSCustomObject]@{
                Website = $site.Name
                HeaderName = $header.Name
                HeaderValue = $header.Value
            }
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Analyzes Authentication Settings.

.OUTPUTS
Array of PSObjects containing Authentication Setting details.
#>
function Analyze-AuthenticationSettings {
    Write-Host "`nAnalyzing Authentication Settings..." -ForegroundColor Yellow
    $websites = Get-Website
    $results = @()
    foreach ($site in $websites) {
        $authTypes = @("Anonymous", "Basic", "Windows", "Digest")
        $authSettings = @{}
        foreach ($authType in $authTypes) {
            $authSettings[$authType] = (Get-WebConfigurationProperty -Filter "system.webServer/security/authentication/$authType`Authentication" -PSPath "IIS:\Sites\$($site.Name)" -Name "enabled").Value
        }
        $results += [PSCustomObject]@{
            Website = $site.Name
            AnonymousAuth = $authSettings["Anonymous"]
            BasicAuth = $authSettings["Basic"]
            WindowsAuth = $authSettings["Windows"]
            DigestAuth = $authSettings["Digest"]
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Checks Logging Configuration.

.OUTPUTS
Array of PSObjects containing Logging Configuration details.
#>
function Check-LoggingConfiguration {
    Write-Host "`nChecking Logging Configuration..." -ForegroundColor Yellow
    $websites = Get-Website
    $results = @()
    foreach ($site in $websites) {
        $logFile = Get-WebConfigurationProperty -Filter "system.applicationHost/sites/site[@name='$($site.Name)']/logFile" -PSPath "MACHINE/WEBROOT/APPHOST" -Name "."
        $results += [PSCustomObject]@{
            Website = $site.Name
            LogFormat = $logFile.logFormat
            Directory = $logFile.directory
            Enabled = $logFile.enabled
            Period = $logFile.period
        }
    }
    $results | Format-Table -AutoSize
    return $results
}

<#
.SYNOPSIS
Generates a comprehensive HTML report of all analyses.

.PARAMETER AllResults
Hashtable containing all analysis results.

.OUTPUTS
Saves an HTML report to the desktop.
#>
function Generate-HTMLReport {
    param([hashtable]$AllResults)

    Write-Host "`nGenerating Comprehensive HTML Report..." -ForegroundColor Yellow
    $reportContent = @"
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>IIS Analysis Report</title>
    <style>
        body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; max-width: 1200px; margin: 0 auto; padding: 20px; }
        h1, h2, h3 { color: #0078D4; }
        table { border-collapse: collapse; width: 100%; margin-bottom: 20px; }
        th, td { border: 1px solid #ddd; padding: 8px; text-align: left; }
        th { background-color: #f2f2f2; }
    </style>
</head>
<body>
    <h1>IIS Analysis Report</h1>
    <p>Generated on: $(Get-Date)</p>

    <h2>Websites</h2>
    $($AllResults.Websites | ConvertTo-Html -Fragment)

    <h2>Application Pools</h2>
    $($AllResults.ApplicationPools | ConvertTo-Html -Fragment)

    <h2>Bindings and SSL Certificates</h2>
    $($AllResults.BindingsAndSSL | ConvertTo-Html -Fragment)

    <h2>Virtual Directories</h2>
    $($AllResults.VirtualDirectories | ConvertTo-Html -Fragment)

    <h2>HTTP Response Headers</h2>
    $($AllResults.HTTPResponseHeaders | ConvertTo-Html -Fragment)

    <h2>Authentication Settings</h2>
    $($AllResults.AuthenticationSettings | ConvertTo-Html -Fragment)

    <h2>Logging Configuration</h2>
    $($AllResults.LoggingConfiguration | ConvertTo-Html -Fragment)
</body>
</html>
"@

    $reportContent | Out-File -FilePath $global:reportPath
    Write-Host "Report generated and saved to: $global:reportPath" -ForegroundColor Green
}

# Main program loop
$allResults = @{}

do {
    Show-Menu
    $choice = Read-Host "`nEnter your choice (1-9)"

    switch ($choice) {
        "1" { $allResults.Websites = Analyze-Websites }
        "2" { $allResults.ApplicationPools = Review-ApplicationPools }
        "3" { $allResults.BindingsAndSSL = Analyze-BindingsAndSSL }
        "4" { $allResults.VirtualDirectories = Check-VirtualDirectories }
        "5" { $allResults.HTTPResponseHeaders = Review-HTTPResponseHeaders }
        "6" { $allResults.AuthenticationSettings = Analyze-AuthenticationSettings }
        "7" { $allResults.LoggingConfiguration = Check-LoggingConfiguration }
        "8" { Generate-HTMLReport -AllResults $allResults }
        "9" { Write-Host "Exiting program..." -ForegroundColor Yellow; break }
        default { Write-Host "Invalid choice. Please try again." -ForegroundColor Red }
    }

    if ($choice -ne "9") {
        Read-Host "`nPress Enter to continue..."
    }
} while ($choice -ne "9")

This IIS Analyzer Tool includes:

  1. A menu-driven interface for easy navigation.
  2. Functions to analyze various aspects of IIS:
    • Website analysis
    • Application Pool review
    • Bindings and SSL Certificate analysis
    • Virtual Directory check
    • HTTP Response Header review
    • Authentication Settings analysis
    • Logging Configuration check
  3. Comprehensive error handling for each analysis function.
  4. A function to generate an HTML report of all collected data.

Key features:

  • Detailed analysis of IIS Websites and their configurations
  • Review of Application Pools and their settings
  • Analysis of Bindings and SSL Certificates, including expiration dates
  • Examination of Virtual Directories
  • Overview of custom HTTP Response Headers
  • Analysis of Authentication Settings for each website
  • Review of Logging Configurations
  • Comprehensive HTML report generation

This tool is particularly useful for:

  • IIS Administrators managing web servers
  • System administrators overseeing IIS configurations
  • Security professionals auditing web server settings
  • DevOps engineers managing IIS deployments

To use this script effectively:

  1. Run PowerShell as an administrator
  2. Ensure IIS is installed with the management tools (which includes the WebAdministration module)
  3. Have the necessary permissions to query IIS configurations

This script provides a comprehensive overview of IIS configurations on a Windows Server, making it easier to audit and maintain IIS settings, websites, and application pools. It can significantly streamline the process of managing and documenting IIS configurations in enterprise environments.

You might also like
JSON File Validator Tool
Active Directory Certificate Services (AD CS) Analyzer
Firewall Analyzer Tool
System Information Gatherer
Network Traffic Analyzer Tool
Task Manager and Process Monitor
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *