Managing a Secure IIS 6.0 Solution

Applies To: Windows Server 2003 with SP1

Appropriate security safeguards on your Web server can help reduce or eliminate various security threats. These threats can come from malicious users as well as from well-intentioned users who accidentally gain access to restricted information or inadvertently alter important files. Internet Information Services (IIS) 6.0 provides the elements for a secure IIS solution, including a new approach to server configuration that emphasizes installing only the services that you know you will run on your server.

In This Section

Security Changes in IIS 6.0

Automatic Installation of Security Updates

Authentication Methods Supported in IIS 6.0

Access Control in IIS 6.0

Encryption in IIS 6.0

TCP/IP Port Filtering

Secure Code

MIME Types

Auditing Server Activity

Standards Implemented

Additional Resources for IIS 6.0 Security