Step 9 to completely solve IIS7 server security issues

In this article, we will focus on some methods to help you use in your environment and ensure the security of the IIS7 server and its applications.

1. Step 1: Make sure that your Web server is a reinforced OS. If you are using the Windows Server 2008 R2 operating system, the core installation version of the Server will give you all the features you need, but it cannot reduce the risk of being attacked. If you are using a regular version of Windows Server, you can try to install IIS, which only acts on the device you currently need. You can also restore or install more features as needed. Note that when you add a device that you do not use, this will increase the attack scope.

2. Using a firewall can truly help you protect WEB servers, especially Internet-oriented servers. The firewall ensures that the server only receives valid packets with services. When attackers attempt to launch malicious attacks on your server, the firewall is your first line of defense. The Intrusion Prevention System (IPS) can further protect your system, especially the IIS server. If your system is not very large and you do not need to install a specific hardware firewall device, you can also use the Windows Server 2008 integrated firewall to achieve better security.

3. Use IIS7 to control ip addresses and domain restrictions to access the content of your WEB server. For example, you can only authorize access to the internal domain of the Organization. You can also add the IP address of the Administrator's house, the boss, or any other organization or individual you want to access.

4. IIS7 allows you to better filter information that needs to be processed. With this feature, you can filter out specific rules, such as processing files with a specific extension, or processing specific phrases in a URL.

5. When a valid package is processed in IIS, there should also be an authorized person. IIS7 allows you to use a process to call URL Authorization. A specific page and/or Web server website can be authorized to different users. By default, users should first authenticate themselves and authenticate their identities, and then allow or disallow access to the web pages/websites they require. This is different from the ISS version. administrators can set permissions at the file system level. Use URL Authorization IIS7 to support more detailed authorization.

6. One of the best ways to ensure your IIS server is to use SSL certificates to communicate with users and Web servers. If the server is publicly available, you should issue a certificate from a trusted certificate authority such as GoDaddy or Verisign. This certificate is trustworthy and easy to use in any browser and on any computer, but the disadvantage of using SSL is the high price. If the IIS server is only used within your organization, you can use your own Web server issued by the PKI certificate in your environment. However, internal users may access computers that do not have certificates installed on different computers. If your IIS server is only used in the test environment, you can use a self-signed certificate in the ISS management tool. This feature was not integrated in previous ISS versions. You must download a tool from Microsoft to create your own signature certificate. In IIS7, this process is much easier.

7. logs are the most secure method for you. It helps you search for the attack source or the cause of a server damage. From the very beginning, ensure your settings and assist your monitoring work in the crisis.

8. If you feel that your IIS infrastructure and all security solutions have no problems, you need to test them. Using the test tool, Microsoft will provide you with master-level policies to ensure that your test is the best method. The most common tools for testing are SCW and SCM. The Security Configuration Wizard (SCW) -- this is based on whether your server has played or not some other roles besides the IIS server. After the test, SCW will tell you how to improve server security reports and suggestions. Security Compliance Manager (SCM) is a tool for Microsoft to perform security tests on your servers. After comparing with the predefined template of the configuration server, you can change the Usage Policy to configure the server. SCM uses updated database tools, which is more complex than SCW tools. This ensures that you can run these tools after regularly initializing and installing the server.

9. The role of IIS logging is mentioned above, but the most important role of logging is to monitor specific events for you, which may cause problems in servers or hosted applications. It is equally important for you to monitor the running time, availability, and performance of the server itself. You can also monitor the SLA of an IIS server, whether it is an internal (company) or external (client) SLA requirement. In theory, such monitoring can be done manually by a server administrator, but it can be handed over to a monitoring company like Monitis for more efficiency and reliability.

How to Find Monitoring IIS server, you can go to the following link through Monitis: http://blog.monitis.com/index.php/2011/06/25/monitoring-iis-with-vbscript-via-monitis/