Solved

Deleting default documentation on Exchange 2003/IIS6

Posted on 2011-09-15
2
223 Views
Last Modified: 2012-05-12
A recent external security audit turned up a few low priority items which I've been asked to correct.  I'm stuck on one of them which states:

(Low)  –  Default documentation was found installed with the HTTP daemon on device xxx.xxx.xxx.xxx.  Auditor recommends deleting all default documentation.

I'm not sure how to approach this one without breaking exchange/owa.  I can see the documentation tab under the default website properties for my exchange server running but I don't really know what they want me to do here.  The box for "Enable default content page" is checked and under it are several file names: iisstart.htm, Default.htm, Default.asp, index.htm, and Default.aspx.  I'm far from an IIS expert so would appreciate any guidance you could provide so this won't show up on the next audit.
0
Comment
Question by:First Last
2 Comments
 
LVL 12

Expert Comment

by:Nenadic
ID: 36547780
Could you share some information on the type of audit that was done? I was particularly drawn to the term "daemon" which comes from the UNIX world, so the audit may not have been perfectly suited to Wintel environments.
0
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 36547789
What you are seeing is "default document" and not documentation. I guess also that the auditor is referring to the same thing


If you go to c:\inetpub\wwwroot you will a few files and folders.

assuming you have only owa running on this IIS move these to another location and keep wwwroot empty that should be enough for the auditor
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question