Solved

Securing IIS 7.0 Best Practices

Posted on 2013-12-03
Last Modified: 2013-12-09
Hello,

I'm running Windows Server 2008 R2 with IIS 7.0 and SQL 2008 R2 on the same box. The server is behind a Juniper firewall and only allows port 80 traffic. This server is isolated and does not have any link back to my domain; it sits in its own workgroup in a DMZ. The IIS Server hosts a VB application that people on and off campus need to access. The VB application links back to demographic data hosted on the local SQL 2008 R2 server.
This server is kept up-to-date on all critical Microsoft security patches for the OS and related products. I monitor the server disk space usage and event logs. I log 5000 'sa' login attempts per day.

Any and all suggestions on how to keep this machine secure are appreciated.
Question by:FNDAdmin
8 Comments
 
LVL 33

Accepted Solution

by:
Big Monty earned 500 total points
ID: 39692671
You're definitely on the right track. You may also want to have a look at this article, which discusses some default settings that should be in place to lock down IIS, as well as good permissions practices.
 

Author Comment

by:FNDAdmin
ID: 39692788
WOW! Great link and article, Big_Daddy! That was definitely an eye-opener. It will be fun implementing these suggestions.
 
LVL 33

Expert Comment

by:Big Monty
ID: 39692872
Glad I could help :)

Author Comment

by:FNDAdmin
ID: 39693080
Would there be any benefits to virtualizing these machines and splitting up the IIS and SQL into two separate virtual servers?
 
LVL 33

Expert Comment

by:Big Monty
ID: 39693467
The benefits would be more related to performance than security. If the machine(s) are locked down properly, I don't think you would benefit greatly from 2 machines.
 

Author Comment

by:FNDAdmin
ID: 39696512
Anyone know why my SQL server is getting pounded with 'sa' login attempts from China, yet only port 80 is open to the Internet, and my IIS logs do not show that much activity?
 
LVL 33

Expert Comment

by:Big Monty
ID: 39696522
I recommend opening a new question to get help with that, as that's an entirely different topic from what you originally asked.
 

Author Closing Comment

by:FNDAdmin
ID: 39705985
Great all-encompassing article about IIS Security. Thanks!

Question has a verified solution.
