Students who have been hacked to the station should have such experience. One of their own server station has been invaded, other sites have been suffering, what is this? 90% is the IIS Web site account permissions are too large, the server on all sites share an IIS account, and then the next novice how to set the IIS Web site account.
1. Start-My Computer-admin click in
2. Locate local Users and groups, and then users, create new users
3. New user, username, password, write casually, these you have to live, will be used later. User cannot change password and password never expire (on tick)
4. Find the newly created user, click Properties, Next, we want to reduce the user's permissions
5. New users, the default has the users permission, this permission is a bit large. We delete this permission, apply it, and determine it. Such a low privilege account is built
6. Next, we put the newly built account, apply to the website, open IIS Manager, select the website we have built, properties-Directory Security-edit authentication and access control.
7. Browse-Advanced-Find Now, find the newly created username-OK, then enter the username password, confirm-confirm-apply-confirm.
8. Next, we want to set the Site Directory permissions, the new users for the site,
Web Site-Permissions
9. Add the newly built user, give permission to modify, security items inside, only keep administrators, system and the construction of the IIS website account number, all the others are deleted altogether.
This is set up, hackers want to pass the method of side note, breach of the site, will be wasted.