Tuesday, 11 September 2018

Windows Server 2016 - IIS Security

The IIS (Internet Information Services) is facing internet all the time. So, it is important to follow some rules in order to minimize the risk of being hacked or having any other security issues. The first rule is to take all the updates of the system regularly. The second one is to create different application polls to this, which can be done by following the steps shown below.
Step 1 − You have to go to: Server Manager → Internet Information Services(IIS) Manager → Application Pulls.
Application Pools
Step 2 − Click “Sites” → Right Click “Default Website” → Manage Website → Advance Settings.
Sites
Step 3 − Select the Default Pools.
Default Pools
Step 4 − Disable the OPTIONS method, this can be done by following the path – Server Manager → Internet Information Services (IIS) Manager → Request Filtering.
Request Filtering
Step 5 − In the action pane, select "Deny Verb" → Insert ‘OPTIONS’ in the Verb → OK.
Deny Verb
Step 6 − Enable Dynamic IP Restrictions blocks by going to – IIS Manager → Double click on "IP Address and Domain Restrictions" → Actions pane.
Actions Pane
Step 7 − Then select "Edit Dynamic Restriction Settings" → Modify and set the dynamic IP restriction settings according to your needs → press OK.
Edit
Step 8 − Enable and Configure Request Filtering Rules, to do this – IIS Manager → Double click on "Request Filtering" → Change to the Rules tab → Actions Pane.
Rules Tab
Step 9 − Then select "Add Filtering Rule" → Set the required rules → Click OK.
Add Filtering Rule
Step 10 − Enable logging, to do this we need to follow this path – IIS Manager → select the specific site you want to configure → Logging.
Loging

No comments:

Post a Comment