Windows security
Server security Settings
>> installation of IIS6.0
Add/Remove Windows components, add or Remove Programs, Start menu, Control Panel
The application ——— ASP. NET (optional)
|--Enabling network COM + access (required)
|--internet Information Services (IIS) ——— Internet Information Services Manager (required)
|--public files (required)
|--World Wide Web service ——— Active Server pages (required)
|--internet data connector (optional)
|--webdav Publishing (optional)
|--World Wide Web Service (required)
|--include files on the server side (optional)
>> in "Network Connections", remove unnecessary protocols and services, only basic Internet Protocol (TCP/IP) and Microsoft network clients are installed. In Advanced TCP/IP Settings – "NetBIOS" setting "Disable NetBIOS (S) on TCP/IP".
>> Open the Windows 2003 Firewall with "Local Area Connection", you can block the port, basically achieve an IPSec function, only keep the useful ports, such as remote (3389) and Web (page), FTP (21), mail Server (25,110), HTTPS (443), SQL (1433)
>> IIS (Internet Information Server Manager) in the home directory option, set the following
Read allow
Write not allowed
Script source access is not allowed
Directory browsing Recommendations Close
Record Access recommendations closed
Index Resource recommendation Close
Execute permissions Recommendation Select "Script Pure"
>> recommended the use of the expanded log file format, Daily Record customer IP address, user name, server port, method, Uri root, HTTP status, user agent, and every day to review the log.
(It is best not to use the default directory, it is recommended to replace a log path, while setting the log access permissions, only allow administrators and system to full Control).
>> in IIS6.0-Local computer – Properties-allows direct editing of the metabase in the configuration-by-home directory, properties----in IIS.
>> tick "Enable parent path" on the website
>> in the Web service extension in IIS, select Active Server Pages, and click "Allow"
>> Optimizing the IIS6 application pool
1. Cancel "Close worker process after idle time (minutes)"
2. Tick "recycle process (number of requests)"
3. Cancellation of "Fast failure protection"
>> troubleshoot problems with Server 2003 not uploading large attachments
Links below
Http://blog.sina.com.cn/s/blog_62c4ea990102wc66.html
Windows security Settings