Home
Topics
Microsoft Windows Storage Management
Microsoft Windows Data Backup and Protection
How does one protect the server while allowing visitors on the website?

How does one protect the server while allowing visitors on the website?

eI am running IIS 5 on a Win2k server. I have a Web site (using the default Web site.) I can't figure out how to secure the server while still allowing anonymous connections to the site. I installed the latest service pack (2) and ran the MS personal security advisor, which identified several hotfixes I should install. When I did so, the Internet user account was locked out and visitors to my site were prompted to enter a password. Obviously, that isn't going to work. The lockdown program failed to complete installation and uninstalled itself. How does one protect the server while allowing visitors on the Web site?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

That's a question that deserves a very long answer. Rather than trying to write pages and pages in response, I'll refer you to Microsoft's Web site:

http://www.microsoft.com/technet/security/

In general, follow these best practices:
1) Install all service packs
2) Install all hotfixes that may apply to your site
3) Install URLScan (once you understand how it works): http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32571
4) Restrict NTFS file permissions
5) Remove any unwanted application mappings

Regarding troubleshooting the problem you're having with authentication, first verify that anonymous authentication is enabled. To do this, check the Security tab of your Website's properties. If that's enabled, verify that the anonymous IIS user is enabled and has Read access to the files your users are attempting to access.

Good luck.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in October 2001

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Server Virtualization
Cloud computing
Exchange
SQL Server
Windows IT
Enterprise Desktop
Virtual Desktop

Server Virtualization
- Strike a common-sense balance when deciding what to automate
  
  Consider the many factors that determine the potential return on investment when deciding when and what to automate.
- How can I enable automated VM resource provisioning?
  
  As with many other facets of virtualization, VM resource allocation is becoming automated. Find out what tools you can use for automated provisioning.
- Columbia Sportswear's move from virtualization to private cloud computing
  
  Columbia Sportswear parlayed server virtualization into a private cloud. Along the way, it found that its management tools needed serious rethinking.
Cloud computing
- VMware charges into public cloud IaaS fray as Dell exits
  
  Dell will discontinue its OpenStack and VMware vCloud-based public cloud offerings as VMware delivers its vCloud IaaS.
- Cloud migration obstacles remain for heavily regulated industries
  
  Financial, government and healthcare industries must overcome data security breaches and regulatory issues for a successful cloud migration.
- Converging private PaaS, IaaS: The next generation of private cloud
  
  Most IT pros build private clouds using IaaS but forget to consider developers. Convergence with private PaaS could meet needs, but not for all apps.
Exchange
- Replacing Forefront TMG: Alternate reverse-proxy options for Exchange
  
  With the discontinuation of Forefront TMG, Exchange admins are left wondering what to do moving forward. The available options may surprise you.
- Comparing Exchange 2013 and Office 365 pricing and feature sets
  
  Exchange 2013 and Office 365 pricing and feature sets are important items to examine when weighing an email migration. Here's what to know.
- Configuring federation proxy servers for a hybrid Office 365 deployment
  
  Part of the hybrid Office 365 single sign-on configuration process is correctly setting up federation proxy servers. Here's how.
SQL Server
- Database index design and optimization: Some guidelines
  
  What are the latest tips and tricks for database design and optimization? Check out this tip from Basit Farooq to learn more.
- Adam Machanic talks SQL Saturday
  
  We caught up with Adam Machanic, group leader of the New England SQL Server user group, at SQL Saturday Boston. Find out what he shared with us.
- SQL Server meets database application security
  
  Make sure your SQL Server is secure by studying these general guidelines for secure database applications from SQL Server expert Roman Rehak.
Windows IT
- How to advance your cloud skills and get ahead of the gap
  
  There may be a growing shortage of IT pros with cloud skills, but you can take action now and become a valuable asset with the right skills.
- Prepare for a SharePoint 2013 upgrade with five tips
  
  Considering an upgrade to SharePoint 2013? Find out the answers to the most common questions IT pros will ask before making the jump.
- Prioritize your IT tasks and finally conquer your to-do list
  
  It's easy to feel overwhelmed by a growing to-do list of IT tasks, but there are easy ways you can decide what to tackle first and what can wait.
Enterprise Desktop
- Windows 8 tools build on native Windows 7 utilities with new capabilities
  
  New and updated Windows 8 tools can help admins and users. Windows 8 utilities include functions for backing up and restoring systems.
- Why a Windows security scan is not enough to protect your workstations
  
  A traditional Windows security scan may lure IT into complacency about desktop vulnerabilities, so look at four areas to beef up Windows security.
- Microsoft addresses legacy apps with Windows 8 app compatibility tools
  
  New operating systems are always accompanied by compatibility concerns. Windows 8 app compatibility is no different, or is it?
Virtual Desktop
- Citrix expected to tackle mobile application delivery, VDI costs
  
  As Citrix Synergy 2013 kicks off in Anaheim, attendees hope to learn about new desktop and application delivery strategies for the mobile world.
- How Microsoft RDP 8.0 addresses WAN, graphics shortcomings
  
  Microsoft's Remote Desktop Protocol improves the user experience with the release of RDP 8.0 in Windows Server 2012, but there are some limitations.
- Making Citrix XenDesktop play nice with a VMware hypervisor
  
  You can run XenDesktop on a VMware hypervisor, but what does that entail? Learn how clustering and vCenter Server work in a mixed VDI environment.

All Rights Reserved,Copyright - 2013, TechTarget