Ask the Expert

Secure IIS 5.0 tips

I have an IIS 5.0 server that I wish to secure. Do you have any tips on how best this can be achieved? Would an Apache server be a better choice than IIS?


    Requires Free Membership to View

You should definitely consider using Microsoft's IIS Lockdown wizard, available at no extra charge from Microsoft. It'll step you through securing your configuration, and offers some pretty solid recommendations for improving the default settings.

As for Apache vs. IIS... You should really go with whichever you are most familiar with up front. Both have a history of security issues (although IIS probably has had more problems over the years). Still, your best bet for security is to use a product you are more familiar with. That way, you'll be more comfortable administering, patching and operating it.


For more info on this topic, visit these SearchSecurity.com resources:
  • Best Web Links: Microsoft security
  • Web Security Tip: Getting IIS patched fast
  • Web Security Tip: Keep Apache patched

  • This was first published in August 2003

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: