Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Author Topic: Secure Files and Directories in IIS  (Read 14408 times)

0 Members and 1 Guest are viewing this topic.

nirmal

  • Jr. Member
  • **
  • Posts: 56
  • Karma: +0/-0
Secure Files and Directories in IIS
« on: November 17, 2013, 03:21:26 pm »
Hi all,

How to secure Files and Directories                         
               
Use multiple disks or partition volumes and do not install the Web server home directory on the same volume as the operating system folders.         
Contain files and directories on NTFS volumes.                            
Put Web site content on a non-system NTFS volume.                            
Create a new site and disable the default site.                            
Put log files on a non-system NTFS volume but not on the same volume where the Web site content resides.
Restrict the Everyone group (no access to \WINNT\system32 or Web directories).                         Ensure Web site root directory has deny write ACE for anonymous Internet accounts.                   
Ensure content directories have deny write ACE for anonymous Internet accounts.                         Remove remote IIS administration application (\WINNT\System32%#92;Inetsrv\IISAdmin).                   
Remove resource kit tools, utilities and SDKs.                            
Remove sample applications (\WINNT\Help\IISHelp, \Inetpub\IISSamples).                            
Remove IP address in header for Content-Location.

Thank you
Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!