Securing IIS servers on the external network
Securing an IIS server consists of six main steps:
1. Use the Security Configuration Wizard (SCW) to determine the minimum functionality the Web server requires, then disable everything else. Specifically, it can help you:
  1. Disable unneeded services
  2. Block unused ports
  3. For the ports that stay open, further restrict which addresses may reach them and apply other restrictions
  4. Where feasible, disable unneeded IIS Web service extensions
  5. Reduce the exposure of the SMB, LAN Manager and LDAP protocols
  6. Define a policy with a high signal-to-noise ratio (SNR)
2. Put the Web site files on a non-system partition to limit directory traversal flaws, and audit the NTFS permissions on the content.
3. Regularly run security scans and audits against your own systems, so that you find your weak spots before someone else does.
4. Regularly analyze the logs, looking for large numbers of failed logon attempts, repeated 404, 401 and 403 errors, and requests that are not for your site.
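As an added illustration of the log review in step 4 (example code written for this page, not from the original article), the script below parses constructed IIS W3C extended log lines and flags the three signals the step names: repeated 401/403/404 errors per client and requests whose Host header is not one of our sites. The host names, client addresses and the error threshold are assumed sample values.

```python
# Added example: review IIS W3C extended logs for the signals named in step 4.
from collections import Counter, defaultdict

# Constructed sample in IIS 6 W3C extended format; the #Fields line defines the columns.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem cs-host sc-status
2006-03-01 10:00:01 203.0.113.9 GET /default.htm www.example.com 200
2006-03-01 10:00:02 198.51.100.7 GET /scripts/cmd.exe www.example.com 404
2006-03-01 10:00:03 198.51.100.7 GET /msadc/x.dll www.example.com 404
2006-03-01 10:00:04 198.51.100.7 GET /admin/ www.example.com 401
2006-03-01 10:00:05 198.51.100.7 GET /admin/ www.example.com 401
2006-03-01 10:00:06 198.51.100.7 GET /admin/ www.example.com 401
2006-03-01 10:00:07 192.0.2.44 GET / 10.0.0.5 200
2006-03-01 10:00:08 203.0.113.9 GET /about.htm www.example.com 200
"""
OUR_HOSTS = {"www.example.com"}  # assumed host headers of the sites we serve

def parse_w3c(text):
    """Yield one dict per log entry, keyed by the names in the #Fields line."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def analyze(text, our_hosts=OUR_HOSTS, threshold=3):
    """Return per-client counts of 401/403/404 responses, the clients with at
    least `threshold` such errors, and requests whose Host header is not ours."""
    errors = defaultdict(Counter)
    foreign = []
    for e in parse_w3c(text):
        if e["sc-status"] in ("401", "403", "404"):
            errors[e["c-ip"]][e["sc-status"]] += 1
        if e["cs-host"] not in our_hosts:
            foreign.append((e["c-ip"], e["cs-host"], e["cs-uri-stem"]))
    noisy = sorted(ip for ip, c in errors.items() if sum(c.values()) >= threshold)
    return {ip: dict(c) for ip, c in errors.items()}, noisy, foreign

if __name__ == "__main__":
    errs, noisy, foreign = analyze(SAMPLE_LOG)
    for ip in noisy:
        print(f"{ip}: {errs[ip]}")
    for ip, host, path in foreign:
        print(f"request not for our site from {ip}: Host={host} {path}")
```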
5. If you use IIS 6, use host headers and URLScan, automate replication of the Web site content and the IIS metabase, and use a standard name for the anonymous IUSR_servername account.
6. Overall Web architecture design: do not place your extranet Web server in the intranet Active Directory; do not use an Active Directory account to run IIS anonymous authentication; consider real-time monitoring; set the application pool settings carefully; strive to log all activity; and do not use Internet Explorer on the server.