Is HTTP.sys a filter (lower/upper) or a function driver (FDO for a PDO)?

Question

I am currently researching (for personal purposes only) whether it is possible to write a filter driver that sits under HTTP.sys in order to intercept requests.

The idea is to investigate whether it's possible to override the 503 Service Unavailable screen (because apparently, it's impossible to override or change it).

The issue is I am not sure how HTTP.sys is implemented, whether it's a filter driver that sits underneath some network driver or whether HTTP.sys is used by some virtual device.

Answer 1

I think it is not possible to override the 503 error response from http.sys.Looking at the http 2 api reference,we can only override verbosity. http.sys driver listens for http requests and passes it to the service which is listening on IP:hostname:port combination.

You can override 503 from iis side but not from http.sys .So a simple trick (not that good) is to setup a ARR + UrlRewrite reverse proxy and whenever your back end service throws 503,you can throw custom 503 from frontend like this .

www.example.com:80 => exampleweb:80 => localhost:8080(actual website).

And your actual site is on port 8080. If it throws 503,then you can throw custom 503 from exampleweb

But this will still give 503 error if the frontend goes down but if it is just used as a reverse proxy, then that is very unlikely. As I was saying this is not definitely a good way but may be better than writing a filter driver .

Answer 2

I believe IIS does not allow you to override 503 (and some others)... but what you 'can' do is to slap httpd in front of it and use the reverseproxy & rewrite modules to modify the response.

Something like this:

• Set IIS to listen on some internal ports, ex. 8080, 4434.. whatever you need
• Set up httpd in front of it to listen on the ports you want, ex. 80 and 443
• Set up reverseproxy rules to forward all requests accordingly, ex. 80->8080 and 443->4434
• Set up rewriterules to modify the response if it is a 503