I have set up Confluence via IIS redirection using port 80 as described in the many instructions. However, page access is about 10x slower now than if i connect directly to confluence via the 8090 port. Is there any way to make this fast again? If i deploy this, i'm sure i will catch a bunch of heck over the speed of the page loads.
System: Windows Server 2008 R2, IIS 7.5 (i think that is the right version, it's at least 7 obviously)
Let me know if you have any suggestions or need more information to help. Thanks.
Well, i was able to make the rewriting of the URL extremely fast, but it is completely different from the directions given by Atlassian. Anyone needing to use IIS or wanting the additional features of using IIS, should follow my directions below:
I referenced some of the directions found here: http://www.iisadmin.co.uk/?p=326&page=2
However, they are not directly related to confluence or my configuration, so i included my exact method above.
Let me know if you have any questions.
The Rewrite rules are at the site level. The only thing at the global level is turning on the proxy and unchecking the "Reverse rewrite host in response headers" checkbox. The reason we did it at the site level is so that we already can limit the traffic going into the Rewrite rules via host headers in IIS thus making the Rewrite rules easier to configure. We did this because we are running Confluence and Fisheye on the same machine running through IIS as a proxy. Then we just use host headers to split them out as href="https://confluence.company.com%20">https://confluence.company.com and http://fisheye.company.com.
I have added 3 additional sections to my guide
Hope that helps some others.
@Isaac, I have it working with SSL currently. All you have to do is set up SSL as per normal on the IIS site, and IIS will take care of all the SSL stuff. If you are using Host Headers to host multiple instances of Confluence or even other web services, then you will have to create a SAN (Subject Alternate Name) Cert or Wildcard cert to use with IIS. Also, you would then have to use the command line to set the host headers for the different sites in IIS because as of IIS7 it only allows a single Cert to be used for all sites, and does not allow the use of host headers.
Here is the command to set host headers with SSL on your IIS sites:
C:\Windows\System32\inetsrv\appcmd set site /site.name:"<IISSiteName>" /+bindings.[protocol='https',bindingInformation='*:443:<hostHeaderValue>']
If you haven't done SSL in IIS before, i would start with the following guide: http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis#IISManager
This only shows how to do a self-signed cert, which means that users will get a certificate error unless they install the cert into their trusted store.
If you get a CA signed cert, then you can probably start with this guide in order to get the Cert onto your server. Then it will be available in the SSL Certificate dropdown in IIS. http://technet.microsoft.com/en-us/library/cc754489.aspx
Hope that leads you in the right direction.
I followed the instructions, added the https bind. Still nothing. I'm able to access it via http but https no I get this
Did you do any other modification to the IIS settings or to the confluence server.xml??
You do have to tell Confluence Tomcat that you are accessing it via a proxy by adding the following lines to your Connector in your server.xml:
scheme="https" proxyPort="443" proxyName="confluence.company.com"
Other than that, i think i included everything in my guide above. Let me know if that helps.
Being honest with you, actually IIS is not a supported platform for Confluence so it will be a little hard to troubleshoot this. As a first approach I would suggest you to double-check the steps of this configuration based on the following article:
Maybe there's some detail in the configuration of the IIS itself that is causing this slowness, so this review would be interesting. I hope this helps.
Yes, that is the documentation that i explicitely followed in order to get isapi redirection working for confluence. I have reviewed that documentation many times over to try to see if there were any differences or any reasons why the performance would be noticably different. However, i have no idea why the performance is different.
Let me know if i need to provide any more information to help diagnose this issue. Thanks.
Giving you another insight, it might be that you have already solved this, but in case you are still wondering, it could be Proxy or Firewall.
There are 2 pages where state the same behavior:
I understand that due some restrictions in your Company you might need to use IIS, but Apache could be a little faster then it. Might be worth it.
And watch about the Heck's!
p.s. Just kidding about the heck stuff :)
We explicitly turn off the windows firewall on our servers, and install a customized version of Symantec so that it does not monitor network traffic. The ISAPI redirection via IIS works, it is just extremely noticably slow. The reason we are needing to do this at all is because we have confluence and Fisheye on the same machine, and users of both systems want to access each via port 80. They also want an easily typed URL such as http://confluence or http://fisheye. Therefore, i would need to usehost headers in IIS to bind the separate sites to those names.
Even our own Engineers here don't know why this is slower, since they do the same process on our own software, and performance is as fast.
Any help would be appreciated. Thanks.
More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs