Manage Learn to apply best practices and optimize your operations.

How to safely install IIS

A member offers this advice for safely installing Microsoft's IIS.

This tip was submitted to the Tip Exchange Contest by user Ross Tsolakidis. Let other users know how useful it is and help Ross win a prize by rating the tip below.


I've seen a lot of people install a Windows 2000 server while the machine is connected to the network (live IP address). What they are unaware of is as soon as the install is completed and the Web server reboots, they are vulnerable to all the exploits that IIS has "out of the box," and that is a LOT.

I've seen Web servers attacked within seconds of going live, i.e., Code Red Worm. You'd be surprised how many people do this!

Here's the way I install a server:

  • I make sure the server is unplugged from the network while installing the OS.
  • Once the OS install has been completed and the machine reboots, I stop IIS completely via the IIS console.
  • Now I plug it into the network.
  • Next, I update all the patches and Service Packs.
  • I reboot the server, start IIS again and I'm done. If you do what I do, you won't have a vulnerable Web server live on the Internet while you are patching it.

Dig Deeper on Windows systems and network management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.