Securing IIS 8
There shouldn’t be any question that IIS 8 is significantly more secure than its predecessors. Several key enhancements made over the past several versions such as a reduced attack surface, minimum install by default, and enhanced application isolation deliver a robust and secure web platform. IIS 8 is also configured by default to present only static information. To use applications or other dynamic content, you must manually enable the required features individually.
However, Microsoft products are also very common and therefore present a common target for attacks. For this reason, it’s important to secure the web server as much as possible. The more barriers there are, the less inclined a hacker will be to try to gain unauthorized ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
