...
Set that the applications pool will use 32 bit applications since it will refer .Net Framework 4.5.x.
...
For version 4.2.3 and later
...
...
Activate ASP.NET service set it to start automatically. The service is needed to support user session data in a state server.
...
It is recommended to always organize folders according to the same structure. Proposed structure is to create a sub folder structure on the data disk. This is the proposed structure for the Manager server.
| Code Block |
|---|
D:/Signifikant
Backup
Data
<Site>
Imports
Export
ExportArchive
Import
Install |
This is the proposed structure for the Web server. Note the extra Remote folder under Data.
| Code Block |
|---|
D:/Signifikant
Backup
Data
Remote
<Site>
Imports
Export
ExportArchive
Import
Install |
...
| Info |
|---|
It is recommended to use a service account for IIS instead of LocalSystem. |
Tilde Short File/Folder Name Disclosure
If IIS accept short filenames, a user may try to break security by testing different file names. Two actions are suggested for this issue.
...
Discard or filter all web requests including a tilde "~" character. The most recommended prevention technique is to apply a filtering rule in the firewall for all ~ (tilde) and Unicode encoded equivalences sent in the URL path to the server. If such a rule cannot be applied, URL rewrite should be used instead.
...
Find the security hardening checklist here: https://
...
signifikant.
...
atlassian.
...