IIS Files to Delete for Security

Lisa Shea
IIS Files to Delete for Security
If you're running an IIS webserver, there are several files that it is critical for you to delete, to keep your IIS installation secure. Hackers of course know all about the default set of IIS files and have worked hard to find ways to exploit these.

\Inetpub\iisamples\
The sample directory is great when you're trying to learn how IIS works - but as soon as you are done, delete them all. In fact, hopefully you are learning on a non-public webserver, and therefore the actual, live webserver should not have these files at all.

\Program Files\Common Files\System\msadc\Samples\
This is another sample directory which should be completely removed from your system.

Default Websites
Stop the default website and default admin site from running in IIS. Also stop the mail server if you will not be using it. Stop the FTP server and get yourself a secure FTP software package to use for file transfers.

Extension Mapping
Under your IIS website, go into properties, Home Directory, configuration. Remove the entries for .IDQ and .IDA. Save.





RSS
Related Articles
Editor's Picks Articles
Top Ten Articles
Previous Features
Site Map





Content copyright © 2023 by Lisa Shea. All rights reserved.
This content was written by Lisa Shea. If you wish to use this content in any manner, you need written permission. Contact Lisa Shea for details.

About the Editor

Lisa Shea

Lisa Shea

Join the Discussion

Get help with your ASP projects and learn some new tricks!

ASP Forum

Recent Articles

Free Newsletter

Subscribe for free weekly updates from this ASP site.

Past Issues

ASP Categories

New Editors

African American Lit
Chocolate
Classical Music
Classic Rock
Costuming
Current Events
Dreams
English Culture
Mexican Food
Obesity
>> Join Our Editor Community

Advertising

Recommended Products

Copyright (c) Minerva Webworks LLC All Rights Reserved