How to set up IIS to ensure its security

IIS configuration issues have been very concerned, mainly because of IIS security issues, if not configured well, computer security issues may be threatened, and now virus-like pervasive, so there is a safe way to configure IIS Of course it is the best, let's take a look.

Advanced education organizations often struggle to find a balance between building vibrant, user-friendly sites or building high-security sites. In addition, they must now work to improve the security of their websites in the face of shrinking technology budgets (in fact, many of their private sectors are also facing similar situations).

Because of this, I am here to provide some tips for university IT managers who have a headache for the budget to help them protect their IIS servers. Although primarily for IT professionals at the university, these techniques are basically applicable to IIS managers who want to increase security with a small budget. In fact, some of the techniques are also very useful for IIS managers with strong budgets.

First, develop a security policy

The first step in securing a web server is to ensure that the network administrator knows every system in the security policy. If the company's top management does not regard the security of the server as an asset that must be protected, then the protection work is completely meaningless. This work requires long-term efforts. If the budget is not supported or it is not part of a long-term IT strategy, administrators who spend a lot of time protecting server security will not receive significant management support.

What are the direct consequences of network administrators establishing security for all aspects of the resources? Some users who are particularly adventurous will be shut out. Those users will then complain about the company's management, and the management will ask the network administrator what happened. Then, network administrators can't create documents that support their secure work, so conflicts have occurred.

Network administrators will be able to deploy a variety of software tools on different operating systems with a security policy that addresses the security level of the web server and availability.

Microsoft's products have always been the target of criticism, so IIS server is particularly easy to become the target of the attacker. With this in mind, network administrators must be prepared to implement a number of security measures. What I am going to offer you is a list that server operators may find useful.

1. Keep Windows Upgrade:

You must update all upgrades in a timely manner and patch all the patches for your system. Consider downloading all updates to a dedicated server on your network and publishing the files on the machine as a web. Through these tasks, you can prevent your web server from accepting direct Internet access.

2. Using IIS prevention tools:

This tool has many practical advantages, however, please use this tool with caution. If your web server interacts with other servers, first test the prevention tool to make sure it is properly configured to ensure that it does not affect the communication between the web server and other servers.

3. Remove the default Web site:

Many attackers target the inetpub folder and place some sneak attacks on it, causing server crashes. The easiest way to prevent this kind of attack is to disable the default site in IIS. Then, because worms access your site through IP addresses (they may have access to thousands of IP addresses a day), their requests may be in trouble. Point your real Web site to a back-partitioned folder and must include secure NTFS permissions (described in more detail in the NTFS section below).