Use PowerShell to Monitor IIS Websites and Application Pools

I recently received a request to write a script for monitoring IIS websites and their application pools on a specific Windows 2012 R2 server and start them if they were stopped. This is something I created fairly quickly and thought I would share. I always try to centralize any scripts I write and have them run on a job server instead of the actual server they’re querying. That way I don’t have multiple versions of the same script floating around on different servers.

An Uncommon Cause for IIS 503 Service Unavailable Errors

Recently, while migrating IIS websites to a new server, I encountered “Service Unavailable HTTP Error 503. The service is unavailable.” errors, but only for HTTPS, while HTTP worked fine. Depending on the scenario, the problem could have just as easily impacted HTTP. The server was listening on port 443: Get-NetTCPConnection -LocalPort 443 -State Listen If you ever encounter a problem like this, stop the web publishing service: Stop-Service -Name w3svc -PassThru Then check to see if the server is still listening on port 443:

Use PowerShell to Display IIS Application Pool Identity Account Passwords in Clear Text

It’s fairly common to see the identity for an IIS application pool changed to a domain user account. The following image shows three application pools, the DefaultAppPool has the default settings, the www app pool has a Managed Service Account specified, and the wwwDev app pool has a standard domain user account specified: When a standard user account is specified, the password is entered as shown below: I’ve used what you would think is a super secure password, generated by KeePass:

Using PowerShell to Find Expiring SSL Certificates & the Websites they’re Associated with

Have you recently received a notification about an expiring SSL certificate and don’t remember where all it’s used at? It’s generally not an issue to figure this out with normal certificates which are issued for a single name, but if it’s a wildcard certificate, it could be used on lots of different websites within your organization. The following PowerShell script retrieves all of the SSL certificate’s thumbprints and their expiration dates on an individual server that has IIS installed (This has only been tested on Windows Server 2008 R2).

Rename an IIS Web Application with PowerShell

Want to rename an IIS Web Application on a Windows 2008 R2 server? It’s not possible from the GUI, but it’s simple to accomplish using PowerShell. First, let’s create a web application in an existing website and then verify it exists: Import-Module WebAdministration New-Item -ItemType Directory -Path d:\iis\robbinsapps New-WebApplication -Name RobbinsApps -Site MikeFRobbins -PhysicalPath d:\iis\robbinsapps -ApplicationPool "ASP.NET v4.0" Get-ChildItem iis:\sites\mikefrobbins Here it is in the GUI: Rename the web application using PowerShell and then verify it was renamed:

Create a New IIS Website with PowerShell

On a Windows Server 2008 R2 machine, IIS has already been installed and you want to create an additional website. If necessary, an additional IP Address has been added to the server also. Use the New-Website PowerShell cmdlet to accomplish this task: Import-Module WebAdministration New-Item -type directory -path d:\iis\mikefrobbins New-Website -Name "mikefrobbins" -Port 80 -IPAddress "" -PhysicalPath d:\iis\mikefrobbins -ApplicationPool "ASP.NET v4.0" You can get a list of websites running on the server by using the Get-Website cmdlet or by running Get-ChildItem on the IIS PSDrive: