Implementing Windows Security
When implementing an IIS server, you must first ensure that the Windows server hosting the IIS service is secure. Measures you can take include the following:
Minimize services.
Define the user account for anonymous access.
Secure the file system.
Apply specific registry settings.
Note
 | These Windows security setting recommendations are the same whether you are hosting IIS on Windows 2000 Server or Windows Server 2003 hosts. |
Minimizing Services
At a minimum, IIS server requires that you configure the following services to start automatically:
IISAdmin Enables administration of the Web server
World Wide Web Publishing Service ...
Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
