Use this article to find recommendations for configuring and managing Windows SharePoint Services 3.0 features in a more secure manner. You will usually perform the recommended configurations in Central Administration, rather than in the network, operating system, Internet Information Services (IIS), or the Microsoft .NET Framework. The recommendations in this article are appropriate for the following security environments:
The following table describes recommendations to help you secure Windows SharePoint Services 3.0 features.
Feature or area
Do not use client-side automatic logon when using the Central Administration site.
Allow only front-end Web server computers to perform authentication of users. Do not allow end-user accounts or groups to authenticate against the database server computer.
Assign permissions to groups instead of individual accounts.
Assign users the least permissions required to complete their tasks.
Use access permissions to secure the Central Administration site and allow administrators to connect to the site remotely (as opposed to enabling the Central Administration site for local computer use only). This alleviates the requirement for administrators to log on locally to the computer that is hosting Central Administration. Configuring Terminal Services access to the computer creates a greater security risk than leaving the Central Administration Web site available for remote access.
Configure Windows SharePoint Services 3.0 to accept only e-mail that has been relayed through a dedicated mail server, such as Microsoft Exchange Server, which filters out viruses and unsolicited commercial e-mail, and authenticates the mail sender.
When configuring workflow settings, Windows SharePoint Services 3.0 allows you to enable participants who do not have rights to access a document on a site to receive the document as an e-mail attachment instead. In a secure environment, do not select the Allow external users to participate in workflow by sending them a copy of the document option. In Windows SharePoint Services 3.0, this option is not selected, by default.
Web Part storage and security
Ensure that you deploy only trusted code to your server farm. All code, XML, or ASP.NET code that you deploy should be from a trusted source, even if you intend to tighten security after deployment with defense-in-depth measures such as code access security.
Ensure that the SafeControl list in the Web.config file contains the set of controls and Web Parts that you want to allow.
Ensure that custom Web Parts that you plan to reinforce with defense-in-depth measures are installed into the bin directory of the Web application (where partial trust is turned on), with specific permissions for each assembly.
Ensure that appropriate people in your organization are granted the Design and Contribute permission levels in your site. A user with the Contribute permission level can upload Active Server Page Extension (ASPX) pages to a library and add Web Parts. Users with the Design permission level, who are allowed to add Web Parts, can modify pages, including the home page on your site (Default.aspx).
The Windows SharePoint Services Search service account must not be a member of the Farm Administrators group; otherwise, the Windows SharePoint Services Search service will index unpublished versions of documents.
Ensure that additional IFilters and word breakers that you deploy are trusted by your IT team.
By default, the search index file is accessible only by members of the Farm Administrators group. Ensure that this file is not accessible to users who do not belong to this group.