Proper security safeguards on your Web server can reduce or eliminate various security threats from malicious individuals, as well as from well-intentioned users who might accidentally gain access to restricted information or inadvertently alter important files.
This section will show you how to configure both your Web server and Windows to properly secure your Web site and to carry out other essential security functions.
This section includes:
- About Security: A conceptual overview of your Web server's security features, with tips for getting started and learning about using high-security Secure Sockets Layer (SSL) features.
- IIS Security Checklist: A list of suggestions for securing your Web server, including Windows settings, IIS Web permissions, and physical security.
- Authentication: Confirm the identity of users attempting to establish connections to restricted content.
- Access Control: Control how users access and manipulate your files and directories.
- Encryption: Protect the privacy of your information with SSL encryption features.
- Certificates: Establish secure connections by using certificates and SSL features.
- Auditing: Monitor security activities to prevent tampering and unauthorized access.
This section does not contain information on:
© 1997-1999 Microsoft Corporation. All rights reserved.
(The following words are used by Search; they are not intended to be displayed on the page.)
security, secure, lock down, lock-down, lockdown, insecure, risk, hack, hacker, hackers, crack, cracker, crackers, exploit, firewall, unauthorized, illegal, steal, sniff, sniffs, sniffer, satan, checklist, weakness, weaknesses, vulnerable, vulnerability, gap, hole, open, spoof, fraud, defraud, fraudulent, false, bogus, virus, deface, attack, denial of service, denial-of-service, exe, .exe, executable, script, overload, spam, harrass, flood, syn flood, syn-flood, synflood, buffer overrun, buffer overload, long url, attack, attacks, breach, defeat, circumvent, overwrite, password, links, more information passwords, identity, identify, identification, logon, log on, credentials, control, user, users, authenticate, digest authentication, challenge/response, basic, ntlm, digest, control, restrict, deny, keep out, safe, confidential, sensitive, secret, protect, shield, hide, hidden, defend, defense, defending, against, defeat, stop, prevent, prevention, file, files, directory, ntfs, user account, nt account, permission, permissions, privilege, privileges, admin, administrator, operator, invalid, valid, directories, share, shared, public, private, privacy, access, limit, limited, encrypt, encryption, encrypted, hash, hashed, scramble, scrambled, intercept, code, coder, md5, kerberos, base64, digital, cleartext, clear, text, certificate, server certificate, personal certificate, certification provider, authority, certify, certified, base-64, base64, base 64, key, key, 40 bit, 40-bit, 128 bit, 128-bit, cipher, cypher, ssl, secure sockets layer, fortezza, track, audit, monitor, monitoring, detect, detection, alert, notify, false, repeated, unsuccessful attempts, intrude, intruder, intrusion, sneak, log, logs, logging, attempt, attempts, gain entry, enter, upload, trojan horse, back orifice, backorifice, html.internal, wizard, wizards, trust, trusted, account, accounts