HTTP.sys is a web server for ASP.NET Core that only runs on Windows. It’s an alternative to the Kestrel server and offers some features that Kestrel doesn’t provide. HTTP.sys is a kernel-mode driver present in Windows that greatly speeds up the processing and routing of incoming HTTP requests.
HTTP.sys supports the following features:
- Windows Authentication
- Port sharing
- HTTPS with SNI
- HTTP/2 over TLS (Windows 10 or later)
- Direct file transmission
- Response caching
- WebSockets (Windows 8 or later)
HTTP.sys is useful for deployments where:
- There’s a need to expose the server directly to the Internet without using IIS.
- An internal deployment requires a feature not available in Kestrel.
HTTP.sys is mature technology that protects against many types of attacks and provides the robustness, security, and scalability of a full-featured web server. IIS itself runs as an HTTP listener on top of HTTP.sys.
However, it’s important to note that HTTP.sys isn’t compatible with the ASP.NET Core Module and can’t be used with IIS or IIS Express.
In terms of how it works, HTTP.sys communicates directly with the Internet. It’s a component that hijacks incoming HTTP requests (on port 80 and 443, you can configure it to monitor other ports too) and routes them to different userland applications based on its configuration. Because it’s built on Http.Sys, HTTP.sys doesn’t require a reverse proxy server for protection against attacks.