Enter the IIS security tool IIS Lockdown

When it comes to IIS servers, you must be familiar with them. We often use them and are often attacked. Here, we will solve the security problems of IIS servers for you. The IIS Lockdown tool is one of the two tools provided by Microsoft to improve IIS security. Besides IIS Lockdown and URLScan, IIS Lockdown 2.1 contains URLScan.

IIS Lockdown 2.1 has the following functions:

(1) Disable or delete unnecessary IIS services and components.

(2) modify the default configuration to improve the security of system files and Web content directories.

(3) Use URLScan to filter HTTP requests.

Note that the description in this article is applicable to IIS Lockdown version 2.1. the usage of previous versions is very different.

IIS Lockdown may change the running mode of IIS, so it is likely to conflict with applications that depend on some features of IIS. In particular, exercise caution when installing IIS Lockdown and URLScan on a Server that runs Microsoft Exchange 2000 Server, Exchange Server 5.5, or Microsoft SharePoint Portal Server.

Microsoft's two articles explain possible difficulties and solutions: XADM: http://support.microsoft.com/default.aspx for using the IIS Lockdown Wizard for known issues and adjustment policies in an Exchange 2000 environment? Scid = kb; en-us; q309677), and SPS: IIS Lockdown Tool affects SharePoint Portal Server http://support.microsoft.com/default.aspx? Scid = kb; en-us; q309675 ).

In addition, before applying IIS Lockdown or URLScan, you must search the Microsoft Knowledge Base to collect the latest information that may cause problems. After understanding the information and the suggestions, install IIS Lockdown on the test server to fully test whether the IIS functions required by Web applications are affected. Finally, make a comprehensive system backup so that the system can be quickly restored when the system functions are seriously affected.