Security in IIS 6.0

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

This section describes how to configure your Web server to strengthen the security of your Web sites and to carry out other essential security functions.

In This Section

This section includes the following information:

  • IIS 6.0 Security Best Practices: Provides a list of best practices for securing your Web site and server.

  • Authentication in IIS 6.0: Provides information about how to confirm the identity of users that are attempting to establish connections to restricted content.

  • Access Control with IIS 6.0: Provides information about how users access and manipulate your resources.

  • IIS 6.0 Encryption: Provides information about how to protect the privacy of your information with Secure Sockets Layer (SSL) encryption features.

  • Certificates_IIS_SP1_Ops: Provides information about how to establish secure connections by using certificates and SSL features.

  • Auditing in IIS 6.0: Provides information about how to monitor security activities to prevent tampering and unauthorized access.

Related Information

  • For information about isolating server applications so that they will be run in a process that is separate from the Web server process, see Isolating Applications in IIS 6.0.

  • For information about verifying the network name and address of your computer, see Domain Name Resolution.