Beyond the IIS server itself, there is more to know about what ships with IIS. IIS 6.0 also includes other components and services, such as the FTP and SMTP services.
IIS components and services are installed and enabled through the Application Server entry of the Windows Components Wizard, which you start by double-clicking "Add or Remove Programs" in Control Panel. After IIS is installed, you must enable all IIS components and services that your Web sites and applications require.
You should only enable the necessary IIS components and services required by Web sites and applications. Enabling unnecessary components and services will increase the attack surface of the IIS server.
For guidance on the location of IIS components and their recommended settings, see "How to identify IIS 6.0 components in Windows Server 2003".
Only enable necessary Web service extensions
Many Web sites and applications running on IIS servers go beyond static pages and generate dynamic content. Any dynamic content that is generated or extended through features provided by the IIS server is implemented through Web service extensions.
The enhanced security features in IIS 6.0 allow you to enable or disable each Web service extension independently. After a new installation, the IIS server serves only static content. You can use the Web Service Extensions node in IIS Manager to enable dynamic content. These extensions include ASP.NET, SSI, WebDAV, and FrontPage Server Extensions.
Enabling all Web service extensions ensures maximum compatibility with existing applications. However, it also carries a security risk: with every extension enabled, features that the IIS server in your environment does not need are enabled as well, and the IIS attack surface increases.
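
The following audit sketch is an added example, not part of the original article or of any Microsoft tooling. It assumes the extension list is available in the comma-separated layout of the IIS 6.0 metabase property `WebSvcExtRestrictionList` (allow flag, path, UI-deletable flag, group ID, description); the sample entries, paths, group IDs and the required-extension allowlist are constructed for illustration.

```python
# Added example: flag enabled IIS 6.0 Web service extensions that the
# site does not need. Assumed entry layout (WebSvcExtRestrictionList):
#   AllowDenyFlag,Path,UIDeletableFlag,GroupID,Description
# "*.dll" / "*.exe" entries stand for all unknown ISAPI / CGI extensions.

# Constructed sample: ASP and WebDAV are enabled although only ASP.NET is needed.
SAMPLE_ENTRIES = [
    r"0,*.dll",
    r"0,*.exe",
    r"1,C:\WINDOWS\system32\inetsrv\asp.dll,0,ASP,Active Server Pages",
    r"1,C:\WINDOWS\system32\inetsrv\httpext.dll,0,WEBDAV,WebDAV",
    r"0,C:\WINDOWS\system32\inetsrv\ssinc.dll,0,SSINC,Server Side Includes",
    r"1,C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll,0,"
    r"ASP.NET v1.1.4322,ASP.NET v1.1.4322",
]
REQUIRED_GROUPS = {"ASP.NET v1.1.4322"}  # hypothetical allowlist for this server


def parse_entry(line):
    """Split one entry; wildcard entries carry only the flag and the path."""
    parts = [p.strip() for p in line.split(",", 4)]
    if len(parts) < 2 or parts[0] not in ("0", "1"):
        raise ValueError(f"malformed restriction entry: {line!r}")
    parts += [""] * (5 - len(parts))
    flag, path, _deletable, group, desc = parts
    return {"allowed": flag == "1", "path": path, "group": group, "desc": desc}


def audit(entries, required_groups):
    """Return (finding, name) tuples for deviations from the allowlist."""
    findings, enabled_required = [], set()
    for line in entries:
        e = parse_entry(line)
        if not e["allowed"]:
            continue
        if e["path"].lower() in ("*.dll", "*.exe"):
            findings.append(("UNKNOWN_ALLOWED", e["path"]))  # everything runs
        elif e["group"] not in required_groups:
            findings.append(("NOT_REQUIRED", e["group"] or e["path"]))
        else:
            enabled_required.add(e["group"])
    for group in sorted(required_groups - enabled_required):
        findings.append(("REQUIRED_DISABLED", group))  # site would break
    return findings


if __name__ == "__main__":
    for kind, name in audit(SAMPLE_ENTRIES, REQUIRED_GROUPS):
        print(f"{kind:18} {name}")
```
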