Windows Server 2012 IIS Security - Windows Server 2012

What is Internet Information Services(IIS) security?

The IIS (Internet Information Services) is a web server created by Microsoft. You need to follow some rules to minimize the risk of being hacked or having any other security issues.
  • The first one is to receive the updates of the system regularly.
  • The second one is to create different application polls. These polls can be created by following the steps shown below.
Step 1 −Go to: Server Manager → Internet Information Services(IIS) Manager → Application Pulls.
application_pools
Step 2 − Click “Sites” → Right Click “Default Website” → Manage Website → Advance Settings.
sites
Step 3 − Select the Default Pools.
default_pools
Step 4 – Now disable the OPTIONS method, this can be done by following the path – Server Manager → Internet Information Services (IIS) Manager → Request Filtering.
request_filtering
Step 5 – Go to action pane, select "Deny Verb" → Insert ‘OPTIONS’ in the Verb → OK.
deny_verb
Step 6 – Now enable Dynamic IP Restrictions blocks by going to – IIS Manager → Double click on "IP Address and Domain Restrictions" → Actions pane.
actions_pane
Step 7 – Now select "Edit Dynamic Restriction Settings" → Modify and set the dynamic IP restriction settings according to your needs → press OK.
edit
Step 8 – Let’s enable and Configure Request Filtering Rules, to do this – IIS Manager → Double click on "Request Filtering" → Change to the Rules tab → Actions Pane.
rules_tab
Step 9 – Choose "Add Filtering Rule" → Set the required rules → Click OK.
add_filtering_rule
Step 10 – To do logging goto – IIS Manager → select the specific site you want to configure → Logging.
logging

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

Windows Server 2012 Topics