Q

Secure IIS 5.0 tips

I have an IIS 5.0 server that I wish to secure. Do you have any tips on how best this can be achieved? Would an Apache server be a better choice than IIS?


You should definitely consider using Microsoft's IIS Lockdown wizard, available at no extra charge from Microsoft. It'll step you through securing your configuration, and offers some pretty solid recommendations for improving the default settings.

As for Apache vs. IIS... You should really go with whichever you are most familiar with up front. Both have a history of security issues (although IIS probably has had more problems over the years). Still, your best bet for security is to use a product you are more familiar with. That way, you'll be more comfortable administering, patching and operating it.


For more info on this topic, visit these SearchSecurity.com resources:
  • Best Web Links: Microsoft security
  • Web Security Tip: Getting IIS patched fast
  • Web Security Tip: Keep Apache patched

  • This was first published in August 2003

    Dig deeper on Web Server Threats and Countermeasures

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close