Redirect instead of IIS7 Welcome screen

Posted on 2012-08-29
Last Modified: 2013-12-02
Hi all,

We've recently had a penetration test carried out on our network and a series of low risk issues were raised. One of them was that when you enter the external IP address of my clients 2011SBS server it comes up with the IIS7 welcome page, in their words "this means that the web server has not been hardened". Their recommendation is to remove the IIS 7 welcome page and replace it with a redirect.  Not being any good with IIS I was wondering if someone could give me a quick step by step guide on how to acheive this to get rid of this "risk"

Many thanks

Question by:amlydiate
    LVL 11

    Expert Comment

    LVL 1

    Expert Comment


    The easiest thing to do is to replace the default page with a newly created one liner.

    <% Response.Redirect( url ) %>

    That link shows you some simple but powerful things you could do.

    LVL 77

    Accepted Solution

    If I recall correctly that only happens if port 80 is forwarded to the server.  With SBS there is no need for port 80 as all services use 443.

    With port 80 closed the default http://<IP> response should be Internet Explorer cannot open the page, and with https://<IP> it should return  401 - forbidden access is denied

    Author Closing Comment

    Thank you, that's all it was!! Removed port 80 forward to server and that's done the trick. Thanks to everyone else but this was by far the quickest and most straightforward answer.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    What is an ISAPI filter?   •      It's an assembly (.dll file) that can add or change the way IIS works.   •      They can be enabled globally for your web server or on a site-by-site basis.   When the IIS server receives a request, enabling the ISAPI fi…
    Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video discusses moving either the default database or any database to a new volume.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now