Make IIS site public without exposing other sites

Posted on 2011-10-31
Last Modified: 2012-05-12
I have a few sites on IIS6, id like to make one (and only one) of them accessible via external url(ie public domain, www, accessible to all internets), now the problem might be is

i have about 5 sites set up with host headers, all on port 80
if i enable port forwarding for port 80 for the server's external ip address, will I also allow to access to all the sites, on IIS6, not only that one particular site?
Question by:Anti-Mhz
    LVL 17

    Accepted Solution

    Indeed.  If you allow port forwarding, you do it by IP and it has no knowledge of host headers.  It will therefore forward all requests to the web server.

    If the outside world can't RESOLVE the host header URL's of the 4 other sites, they can't request them, unless they're starting to do some hacking.  Technically however it would be possible to visit all 5 websites if the client knew about all the hosts which were available, because he could use his own host files to fake the URI request to the host, assuming they're not resolvable via DNS.
    LVL 1

    Author Comment

    that would recquire outside world/hacker to have knowledge of the names of the other host headers, no?
    even to create own hosts file like
    hostheader  ip address
    LVL 17

    Expert Comment

    Yes, they would need knowledge - you can't just request to an IIS web site "Hey, what sites do you host (wink)".  :)  So, in essense, it's not too much of a risk.
    LVL 1

    Author Comment

    hmm is there another step to make IIS site public?

    i have setup port forwarding at the isp/switch level

    tcp             80                     10.0.1.X            publicipaddress

    where X is the local server ip and public ip address is the ip address provided  

    at the IIS level i have set
    port 80 , ip address of the server 10.0.1.X , no host header (for test purposes)

    Home directory has read/log/index access

    default content page is enabled and  has index.php which is what the home page should be looking for.

    Directory security page is left untouched

    ive tried accessing via ip directly through web browser and through a web proxy gateway - the resource requested not found
    LVL 1

    Author Comment

    i have setup port forwarding at the isp/switch level

    tcp             80                     10.0.1.X            publicipaddress

    my isp manages my switch. yeah its one of those. so that should work as i have it working fine in different configurations.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    Logparser is the smartest tool I have ever used in parsing IIS log files and there are many interesting things I wanted to share with everyone one of the  real-world  scenario from my current project. Let's get started with  scenario - How do w…
    What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
    This video discusses moving either the default database or any database to a new volume.
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now