/

Technical instruction - IIS security

Technical instruction - IIS security

Owned by Shafi Miah

Last updated: 12 Dec 2024 by Hanna Agerlo

1 min read

Review Microsoft’s latest policies and recommendations for Windows Servers, IIS, Azure and ohter components and infrastructure used for an installation.

Service account

It is recommended to use a service account for IIS instead of LocalSystem.

IIS settings

Security IIS Settings Checklist

Implement the IIS security settings
Implment the HTTP response header
1. https://signifikant.atlassian.net/wiki/x/AQD2qg
Enforcing the HTTPS in IIS
1. https://signifikant.atlassian.net/wiki/x/BADe0g
Configure Application Pool Identity
1. https://signifikant.atlassian.net/wiki/x/BQDa0g
Disable Directory Browsing
Set NTFS Permissions
1. https://signifikant.atlassian.net/wiki/x/KwDe0g

Other security aspects to consider

Technical instruction - Installing application on Windows Server | Security

technical-documentation

Related content

Technical instruction - Configure Application Pool Identity

Technical instruction - Configure Application Pool Identity

Signifikant Knowledge Base

More like this

Technical instruction - IIS security settings

Technical instruction - IIS security settings

Signifikant Knowledge Base

More like this

Technical instruction - Add http response header on IIS

Technical instruction - Add http response header on IIS

Signifikant Knowledge Base

Read with this

Technical instruction - Set NTFS Permissions

Technical instruction - Set NTFS Permissions

Signifikant Knowledge Base

Read with this

Technical instruction - Enforce HTTPS in IIS

Technical instruction - Enforce HTTPS in IIS

Signifikant Knowledge Base

Read with this