On four Win Server 2008 R2 boxes, we have MS Deploy installed. It listens on port 80 and 8172 which throws into doubt all the other material out there on the web about how there's no need to change the port 80 default when running on IIS 7.
I can't understand it. Why is it using BOTH ports? I can't follow the instructions to move it to 8172 since it has something already registered there.
There are two problems it causes: 1) an extra attack surface I want to close 2) it keeps our load-balancer from detecting when IIS is stopped and customers get 404s from MsDepSvc!
It's so stupid.
I think I have worked this out.
There are two Web Deploys in the world. One that is installed with Web Management Service (WMSvc) and people call it Web Deploy anyway and use it via Visual Studio via :8172/msdeploy.axd and then there's Web Deploy, the extra thing you install to allow publishing from the public internet.
All this time, me and my colleagues and people I've worked with at different companies, have all been needlessly installing Web Deploy and then, not even using it.
That's my theory. And now I will go and disable MsDepSvc and see if it holds.
Update 1 - This is incorrect. Sort of.
On a new server, thinking that Web Deploy is built-in to WMSvc, I kept getting 404.7 errors from msdeploy.exe until I installed Web Deploy - because a nice fella named Richard said "Web Deploy registers a handler with WMSvc".
Ha! So deployment is not natively a part of WMSvc. And after installing Web Deploy, you end up with two deployment handlers, one in WMSvc and the other a dedicated Windows Service MsDepSvc and you can disable the MsDepSvc to prevent it sucking on port 80 and fooling your load-balancer into thinking the server is up when its down!
Getting a 404 from WMSvc via MSDeploy.exe
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With