O'Reilly logo

Internet Information Services (IIS) 6 Resource Kit by The Microsoft IIS Team

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Secure Code

No matter how secure your server is, if the applications that it hosts are not programmed according to best security practices, your network might be vulnerable to attacks. As part of a defense-in-depth strategy, IIS administrators should work with developers to ensure that the code that the server running IIS hosts is as secure as possible. For example, developers can reduce the risk of certain types of attacks, such as cross-site scripting and SQL injection, by validating user input.

Cross-site scripting occurs when an attacker sends a link in e-mail to a user or otherwise points the user to a Web site, and the link actually contains malicious script code, which can be VBScript or JScript. As a result of cross-site scripting, an attacker ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required