The next sections guide you through the process of securing your Web server. These sections use the configuration categories introduced in the "Methodology for Securing Your Web Server" section of this chapter. Each high-level step contains one or more actions to secure a particular area or feature.
Step 1 | Patches and Updates | Step 10 | Auditing and Logging |
Step 2 | IISLockdown | Step 11 | Sites and Virtual Directories |
Step 3 | Services | Step 12 | Script Mappings |
Step 4 | Protocols | Step 13 | ISAPI Filters |
Step 5 | Accounts | Step 14 | IIS Metabase |
Step 6 | Files and Directories | Step 15 | Server Certificates |
Step 7 | Shares | Step 16 | Machine.config |
Step 8 | Ports | Step 17 | Code Access Security |
Step 9 | Registry |