Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 with SP1
IIS 6.0 and Windows Server 2003 provide several ways to help secure your application servers and their content. This section provides information about the following security-related topics:
Setting Web Site Authentication: Describes how to set up Web site authentication for your Web sites.
Setting FTP Site Authentication: Describes how to set up FTP site authentication to validate users who request access to your FTP sites.
Obtaining and Backing Up Server Certificates: Describes how to set up Secure Sockets Layer (SSL) certification on your sites. SSL certificates enable Web servers and users to authentication each other before establishing a connection.
Controlling Access to Applications: Describes how to reduce the attack surface of your applications with permissions and restrictions, and how to control which users and computers are allowed to access your Web server and its resources.
Before you do any of these security-related tasks, be sure that you are familiar with best practice guidelines and that you apply those guidelines to these tasks. If you are new to using IIS or if you are unfamiliar with any of the following security-related tasks, be sure to read the cross-references to additional information that are provided in this section.