[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4020
  • Last Modified:

Redirect instead of IIS7 Welcome screen

Hi all,

We've recently had a penetration test carried out on our network and a series of low risk issues were raised. One of them was that when you enter the external IP address of my clients 2011SBS server it comes up with the IIS7 welcome page, in their words "this means that the web server has not been hardened". Their recommendation is to remove the IIS 7 welcome page and replace it with a redirect.  Not being any good with IIS I was wondering if someone could give me a quick step by step guide on how to acheive this to get rid of this "risk"

Many thanks

1 Solution

The easiest thing to do is to replace the default page with a newly created one liner.

<% Response.Redirect( url ) %>


That link shows you some simple but powerful things you could do.

Rob WilliamsCommented:
If I recall correctly that only happens if port 80 is forwarded to the server.  With SBS there is no need for port 80 as all services use 443.

With port 80 closed the default http://<IP> response should be Internet Explorer cannot open the page, and with https://<IP> it should return  401 - forbidden access is denied
amlydiateAuthor Commented:
Thank you, that's all it was!! Removed port 80 forward to server and that's done the trick. Thanks to everyone else but this was by far the quickest and most straightforward answer.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now