IIS (Internet Information Server) is a favorite target for hackers. Therefore, for administrators managing IIS web servers, ensuring server security is a critical issue. The default installation of IIS 4.0 and IIS 5.0 is especially vulnerable.
Take the following 10 steps to ensure IIS security:
1. Set up an NTFS disk drive specifically for IIS applications and data. If possible, IUSER (or whatever anonymous user) is not allowed to access any other disk drive. If the application encounters any problems caused by anonymous users not having access to programs located on other disk drives, then use FileMon of Sysinternals to find which file the user cannot access, and then move the program to the IIS disk drive. on. If this is not possible, IUSER is allowed to access only the file.
2. Set NTFS permissions on the disk drive: Developers = Full IUSER = Read and execute only System and admin = Full
3. Use a software firewall to ensure no end users (only developers) ) You can access other ports on the IIS machine other than port 80.
4. Use Microsoft tools to protect the machine: IIS Lockdown and UrlScan.
5. Start using the IIS log file (logging) function. In addition to the IIS record, the firewall log file function is also used if possible.
6. Move the recorded log (log) away from the preset location and make sure it has been backed up. Make a backup of the log folder so that there is always a backup file available in another location.
7. Start the Windows auditing function on the machine, because there will always be insufficient data when trying to reverse the attacker's behavior. With the supervisory log, you can check any suspicious behavior by executing a script and then send a report to the administrator. This may sound a bit extreme, but if your company attaches great importance to safety, this approach can be said to be very encouraging. Establish a monitoring function to report all failed account login events. Also, just like the previous IIS logs, change the default location (c:\\winnt\\system32\\config\\secevent.log) to a different location and make sure you have a backup and have a copy of the copied file. .
8. Read more safety articles (of various sources). It's best to understand IIS as much as possible and to implement a comprehensive security approach, not just to follow the experience that others (such as me) tell you.
9.Join the IIS vulnerability mailing list and read it to get the latest status. This list includes X-Force Alerts and Advisories from the Internet Security System.
10. Finally, make sure you perform Windows Update frequently and double check that the patch is actually installed.
HTTP Error 403.1 - Forbidden Access: Execution access is denied. Workaround This page cannot display
Everyone knows that IBM WebSphere Application Server is the Internets infrast
Todays servers pseudo-static life and death cant be loaded, and many reasons cant
The server frequently restarts frequently in the last night. After checking for a
Establishment of an internal FTP server for the enterprise
Windows2003 IIS can not specify IP
What if the server CPU is full?
Windows Server 2003 Server Settings IP Security Policy
Windows IIS 6 Security Protector - URL Authorization Raiders!
How do you think about choosing a server hosting provider?
Establish a WEB server on the WIN98 peer-to-peer network
I took out the Windows 2003 IIS6 installer
How to set up Win8 to prohibit remote modification of the registry to improve system security
Windows 8 System Optimization Performance Utility Method
Apache server supports CGI program and SSI program setting method
Microsoft is ready to release Win10 (wp10)
How to install Win10 with U disk? It's that simple
How to open and close FSO file read and write permissions in Windows
How to view the command to activate the win8 version of the full solution
Virtual machine virtualbox installation win8 customer preview version tutorial (2)
Windows 2003 Security: Re-supporting ASP scripts
How to solve the problem of error code appearing in win8.1 online update by modifying DNS