IIS Server Checklist Which Would Be Helpful Against IIS Vulnerability

Microsoft Internet Information Services (IIS) is a web server for Windows Server that provides HTTP, HTTPS, FTP, SMTP, and many more features. The following checklist helps protect an IIS server against IIS vulnerabilities.

  • Change Your Default Root Directory

    Move the web root from its default location to a different folder or drive. If an IIS vulnerability lets a malicious user gain access to the web root directory, that user can then escalate permissions and gain access to the whole drive where the web root is.


  • Use Dedicated Application Pool

    Create a dedicated application pool for each application. This keeps your applications apart from those of other users, which increases the effectiveness and security of your website.

  • Enable Auditing

    IIS configuration auditing is a feature of Windows Server that generates event messages. With it you can monitor every change made to the IIS configuration store: the configuration element that was changed, the user who initiated the change, and the original and new values of the element.

  • Disable CGI and ISAPI extensions

    ISAPI and CGI restrictions apply to the request handlers that allow dynamic content to execute on a server. These handlers are either CGI files (.exe) or ISAPI extensions (.dll). Unfortunately, CGI files and ISAPI extensions are also commonly exploited in web attacks and should be restricted if not in use.

  • Disable FTP service

    IIS also provides an FTP service for connecting to the web directory from a remote location. Disable this service if you don't need it, or change its default port (21).

  • Disable SMTP Service

    IIS provides many features, and the SMTP service is one of them. This feature is installed by default with IIS. Disable the SMTP service manually if you don't need it.
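
The checklist above can be checked on a live server with a read-only audit. The script below is an added example, not part of the original article. It assumes the WebAdministration module that ships with IIS, the standard Windows service names FTPSVC and SMTPSVC, and the Microsoft-IIS-Configuration/Operational event log as the configuration auditing channel, none of which are named on this page.

```powershell
# Read-only audit of the checklist above; run elevated on the IIS host.
# It reports findings and changes nothing.
Import-Module WebAdministration
$findings = @()
$apphost  = 'MACHINE/WEBROOT/APPHOST'

# Root directory: flag sites whose content still sits on the system drive.
foreach ($site in Get-Website) {
    $root = [Environment]::ExpandEnvironmentVariables($site.physicalPath)
    if ($root -like "$($env:SystemDrive)\*") {
        $findings += "Site '$($site.name)' web root is on the system drive: $root"
    }
}

# Application pools: flag any pool used by more than one site or application.
$apps  = @(Get-Website | ForEach-Object {
    [pscustomobject]@{ App = $_.name; Pool = $_.applicationPool } })
$apps += @(Get-WebApplication | ForEach-Object {
    [pscustomobject]@{ App = $_.path; Pool = $_.applicationPool } })
foreach ($g in ($apps | Group-Object Pool | Where-Object Count -gt 1)) {
    $findings += "Pool '$($g.Name)' is shared by: $($g.Group.App -join ', ')"
}

# Auditing: the configuration auditing log must exist and be enabled
# (log name is an assumption of this example, see the lead-in).
$log = Get-WinEvent -ListLog 'Microsoft-IIS-Configuration/Operational' -ErrorAction SilentlyContinue
if (-not $log -or -not $log.IsEnabled) {
    $findings += 'IIS configuration auditing log is not enabled'
}

# CGI / ISAPI: flag blanket allowances and every explicitly allowed binary.
$filter = 'system.webServer/security/isapiCgiRestriction'
foreach ($attr in 'notListedIsapisAllowed', 'notListedCgisAllowed') {
    if ((Get-WebConfigurationProperty -PSPath $apphost -Filter $filter -Name $attr).Value) {
        $findings += "$attr is true: unlisted handlers may execute"
    }
}
foreach ($entry in Get-WebConfiguration -PSPath $apphost -Filter "$filter/add") {
    if ($entry.allowed) { $findings += "Allowed ISAPI/CGI handler: $($entry.path)" }
}

# FTP and SMTP: flag the services if they are installed and not stopped.
foreach ($svc in Get-Service -Name FTPSVC, SMTPSVC -ErrorAction SilentlyContinue) {
    if ($svc.Status -ne 'Stopped') {
        $findings += "Service $($svc.Name) ($($svc.DisplayName)) is $($svc.Status)"
    }
}

$findings
```

An empty result means none of the checks fired; each line otherwise names the checklist item to review.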
