Manage IIS website bindings in PowerShell

An IIS website binding consists of the IP address, the TCP port, and potentially a host from which a web client can reach the site. Learn in this post how to manage IIS bindings with PowerShell.

Setting up IIS on a Windows Server installs a PowerShell module called WebAdministration and creates the IIS PowerShell drive. Using both of these items lets us create, read, modify, and remove IIS bindings with PowerShell. To demonstrate this, you'll first either need to RDP to the web server directly and open up a PowerShell console or use PowerShell remoting to connect to a remote session. Since I'm not up for RDPing to a server, I'll connect to my web server via PowerShell remoting.

Once connected to my session, I'll then need to import the WebAdministration module gained when installing the Web-Server Windows feature.

Querying web bindings ^

Once authenticated, I'm ready to get started. First, since a binding is no good without a website, I'll first ensure I can query my default website using the Get-Website cmdlet.

After I confirm I have a website available, I now need to investigate the bindings on that site. By default, you can only see the string output of the Bindings property when using Get-Website. We need to get some further information about this so I'll pipe the output to Select-Object and use the ExpandProperty parameter to see whether there's more information about bindings available if needed.

Display IIS website bindings with PowerShell

Display IIS website bindings with PowerShell

I can also approach this task of finding web bindings by using the Get-WebBinding command as well. This command will only return information about the bindings attached to a site rather than returning lots of other site information.

The information returned from Get-WebBinding is the same information as what's in the Collection property inside the binding property from the output that Get-Website returns.

Changing web bindings ^

Once we've confirmed attachment of a binding to a site, we can modify it and use the Set-WebBinding command. This command allows you to specify the website name using the Name parameter, the binding information, and the binding property you'd like to change. In the example below, I'm changing the binding attribute for my Default Web Site from port 80 to port 81.

I can then verify this change using Get-WebBinding.

As you probably already know, you can have multiple bindings attached to a single site. Using Set-WebBinding only modifies existing bindings. To create new bindings, we need to use the New-WebBinding cmdlet that allows you to point to a specific website name, provide the protocol, port, and other information to create a binding that fits your needs.

Below you can see I'm creating a new binding that binds HTTP to port 82. I'm then reading the web binding using Get-WebBinding to ensure the default website returns both bindings.

SSL bindings ^

You've been working with HTTP bindings only, but IIS also has SSL bindings you need to manage periodically. Luckily, we can perform all the same actions on SSL bindings as we do on HTTP bindings.

To work with SSL bindings, we'll use the IIS PowerShell drive instead of the cmdlets to show you a different approach.

Let's say I have a certificate installed on my web server, and I want to bind that certificate to my Default Web Site. To do this, I'd first need to read the certificate. I can do this with PowerShell by reading the certificate from the Cert: drive.

Once I have assigned the certificate to a variable, I then need to create the binding information string. Notice I'm using SSLBindings in the path. In the example below, I plan to bind the certificate to listen on all IP addresses bound to port 445.

Finally, I can pipe the certificate I just gathered to the SSLBindings object I retrieved above to create the SSL binding.

PowerShell's WebAdministration module and IIS drive are great resources to use when needing to automate or manage IIS web bindings via the command line.

Join the 4sysops PowerShell group!

Your question was not answered? Ask in the forum!

4+
Share
6 Comments
  1. Sean 1 year ago

    this is good stuff!  you rock dude!

    1+

  2. Jae Soca 10 months ago

    This is a life saver !! Great write-up for a beginner PS person

    0

  3. John 8 months ago

    What if you have multiple sites and you want each their own cert?

    0

  4. @John

    You need to have a unique combination of IP & Port to manage multiple SSL sites on the server.  So, you can bind multiple IP's first, or you can use a separate port for the SSL traffic for each site.

    So, you would use multiple New-WebBinding commands for each site (ip/port).

    David F. 

    0

  5. AP 7 months ago

    I'm trying to use the Set-WebBinding command to just change the IP address of the binding. Very similar to your changing the port from 80 to 81. No matter what I try it fails.

    0

    • SS 7 months ago

      I am running into the same issue.  Any solutions for this?

      0

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2020

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account