WSS 和创建外部可访问站点
我希望这很简单:)
当我在 WSS 中创建一个新的 Web 应用程序时,如果我想将外部域名指向它,它是否需要位于端口 80 上?
就 IIS 而言,一切都是标准的,并且开放的端口(即端口 80 是唯一开放的)。
我猜如果我让 WSS 为新的 Web 应用程序分配一个端口号,除非我打开分配的端口,否则肯定无法从外部访问?
干杯
This is simple I hope :)
When I create a new web application in WSS does it need to be on port 80 if I want to point an external domain name at it?
Everything is standard in terms of IIS and ports that are open i.e. port 80 is the only one open.
I am guessing if I let WSS assign a port number to the new web application surely this can never be accessed externally unless I open the assigned port?
Cheers
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
一般来说“是”...但您知道答案不仅仅如此:-)
免责声明:为了简单起见,我不会假设您的 WSS 站点之间有任何负载平衡交换机、防火墙和反向代理和互联网。 当您开始将网络硬件纳入考虑范围时,配置排列会急剧变化。
也就是说,我想说,更常见的情况可能是 WSS 站点管理员实际上将现有应用程序扩展到 Internet,而不是一开始就这样。 我的意思是:
您创建一个 Web 应用程序(分配给默认区域)并在其中创建一个网站集。 Web 应用程序一开始仅供您或您的组织内部使用,可以简单地通过服务器名称或 IP 地址命名,并且可能位于高端口(即非端口 80)上。
当您准备好上线网站时,您可以将现有的 Web 应用程序(通过“管理中心”>“应用程序管理”>“创建或扩展 Web 应用程序”)扩展到其他区域。 这将导致创建一个额外的 IIS 网站,通过该网站可以访问您的网站集。
当您执行 #2 时,您应该特别注意分配给扩展 Web 应用程序的端口和主机标头——它们应该与您想要向外界呈现的 URL 和端口同步。 因此,如果您希望将网站集以 http://www.itsmysite.com 形式公开到 Internet,您可以将您的 Web 应用程序扩展到端口 80 上的“www.itsmysite.com”主机标头。(再次强调:附加网络设备允许您显着改变周围的情况,所以我所说的是假设您的 Web 之间存在直接连接前端和互联网)。
当您按照步骤 #2 中所述扩展 Web 应用程序时,您将看到 SharePoint 负责在 IIS 中添加新网站,并且它将根据您在过程中指定的参数配置该网站(例如,主机标头)。扩大。 作为一般经验法则,您应该避免直接在 IIS 中更改设置 - SharePoint 负责同步场和 IIS 之间的设置(只有少数值得注意的例外,例如 SSL 证书)。
我希望这有帮助!
Generally "yes" ... but you know there's more to the answer than just that :-)
Disclaimer: for the sake of simplicity, I'm not going to assume any load balancing switches, firewalls, and reverse proxies between your WSS site and the Internet. When you start throwing network hardware into the equation, the configuration permutations jump dramatically.
That said, I'd say it's probably more common that WSS site admins actually extend existing applications to the Internet rather than starting out that way. Here's what I mean:
You create a web application (which is assigned to the default zone) and create a site collection within it. The web application starts out as being available only to you or your organization internally, may be named simply by server name or IP address, and may be on a high (i.e., non port 80) port.
When you're ready to take the site live, you extend the existing web application (via "Central Administration" > "Application Management" > "Create or extend Web application") to an additional zone. This results in the creation of an additional IIS site through which your site collection can be accessed.
When you're carrying out #2, you should pay particular attention to port and host header that you assign to the extended web application -- they should be in-sync with the URL and port you want to present to the outside world. So, if you want to expose your site collection to the Internet as http://www.itsmysite.com, you would extend your web application to a host header of "www.itsmysite.com" on port 80. (Again: additional networking equipment allows you to change things around significantly, so what I'm saying is assuming a direct connection between your web front end and the Internet).
When you extend your web application as described in step #2, you'll see that SharePoint takes care of adding a new web site within IIS, and it'll configure that site (e.g., host header) according to the parameters you specify during extension. As a general rule of thumb, you should avoid changing settings from directly within IIS -- SharePoint takes care of synchronizing settings between the farm and IIS (with only a few notable exceptions, such as SSL certificates).
I hope that helps!
如果您的防火墙规则需要,它只需位于端口 80 上。 当您在创建 Web 应用程序时选择端口时,它只是在 IIS 中设置端口。
It only needs to be on port 80 if your firewall rules require it. When you choose the port while creating the web application it is just setting the port in IIS.
最简单的方法是在 AD 中为其运行的计算机创建额外的 HOST(A) 记录。 假设您的计算机名为“weirdnamecreatedbysysadmins-01”,然后让您的系统管理员创建一个更好的名称作为主机记录,以指向相同的 IP 地址,即“外联网”。 您可以多次执行此操作。
然后,在外部 DNS(通常在您的互联网提供商处)中注册新的主机记录,并在防火墙中打开对该计算机端口 80 的请求。
THe easiest way is to create additional HOST(A) records in AD for the machine it is running on. say your machine is called 'weirdnamecreatedbysysadmins-01' then have your sysadmin create a nicer name as a HOST record to point to the same IP-addresz, i.e. 'extranet'. YOu can do this as many times you want.
Then, register the new HOST record in your external DNS (usually at your internet provider) and open request to that machine's port 80 in your firewall.