Securing the Windows Server 2003 IIS server

Source: Internet
Author: User
Tags iis

Overview

This module focuses on the instructions and steps required to harden your IIS servers in your environment. To provide comprehensive security for WEB servers and applications in your organization's corporate Intranet, you should protect each Microsoft Internet Information Services (IIS) server and each Web site and application running on those servers from clients that can connect to them Computer damage. In addition, you should protect Web sites and applications running on all of these IIS servers from Web sites and applications running on other IIS servers in your corporate Intranet.

To take the initiative in resisting malicious users and attackers, IIS is not installed on the Windows Server 2003 family of products by default. IIS was initially installed in a highly secure lockdown mode. For example, by default, IIS initially provides only static content. such as Active server Pages (ASP), asp.net, server-side include (SSI), Web Distributed Authoring and Versioning (WebDAV) publishing, and Microsoft Frontpag E? Features such as Server Extensions only work if the administrator has enabled them. These features and services can be enabled through the Web Service Extensions node in Internet Information Services Manager (IIS Manager).

The IIS Management appliance has a graphical user interface (GUI) that can be used to easily manage IIS. It includes resources for file and directory management, the ability to configure application pools, and the many features of security, performance, and reliability.

The next sections of this chapter detail the various security hardening settings that can be enforced to enhance the security of an IIS server that hosts HTML content in your corporate Intranet. However, to ensure that the IIS server is always in a secure state, you should also perform steps such as security monitoring, detection, and response.

Audit Policy settings

The audit policy settings for IIS servers are configured through the MSBP in the three environments defined in this guidance. For more information about the MSBP, see the module, "to create a member server Baseline for a Windows Server 2003 server." The MSBP settings ensure that all relevant security audit information is recorded on all IIS servers.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.