Controlling Access with Microsoft IIS
Microsoft’s Internet Information Services (IIS) is a web service that is shipped as part of the Windows NT 4, 2000, and XP operating systems. It is a full-featured web server that does just about anything that you could possibly want (other than run on Unix, that is).
Installing IIS
To install IIS, follow these steps:
Open the “Add/Remove Programs” control panel.
Select “Add/Remove Windows Components.”
Check “Internet Information Services.”
Click “Next.”
IIS installs the following directories on your system:
- \Inetpub
Root directory for your web server
- \Inetpub\wwwroot
Root document directory for the web server
- \systemroot\Help\iisHelp
Help files
- \systemroot\system32\inetsrv
Program files
The directories containing user content will remain on your system after you completely uninstall IIS.
Warning
As soon as you install IIS, be sure that you go to the Microsoft Windows Update web site and download all relevant patches for IIS before you start the server. If possible, download the patches from behind a firewall. If you fail to install the IIS patches, your Windows server will almost certainly be broken into and compromised. This is true even if you are behind a corporate firewall or are otherwise “protected.”
Downloading and Installing the IIS Patches
To install the patches, follow these steps:
Log into your Windows system using an account that has Administrator access.
Using Microsoft’s Internet Explorer, open the URL http://windowsupdate.microsoft.com/. On most ...
Get Web Security, Privacy & Commerce, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
