Ensure ‘directory browsing’ is set to disabled Details Directory browsing allows the contents of a directory to be displayed upon request from a web client. If directory...
Ensure Double-Encoded requests will be rejected – Applications Details This Request Filter feature prevents attacks that rely on double-encoded requests and applies if an attacker submits a double-encoded...
Ensure Double-Encoded requests will be rejected – Default Details This Request Filter feature prevents attacks that rely on double-encoded requests and applies if an attacker submits a double-encoded...
Ensure ‘Dynamic IP Address Restrictions’ is enabled – Deny By Concurrent Requests Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDoS attacks. This is complementary to the IP...
Ensure ‘Dynamic IP Address Restrictions’ is enabled – maxConcurrentRequests Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDoS attacks. This is complementary to the IP...
Ensure ‘ETW Logging’ is enabled Details IIS introduces a new logging method. Administrators can now send logging information to Event Tracing for Windows (ETW). Rationale:...
Ensure ‘ETW Logging’ is enabled – Sites logFormat W3C Details IIS introduces a new logging method. Administrators can now send logging information to Event Tracing for Windows (ETW). Rationale:...
Ensure ‘ETW Logging’ is enabled – Sites logFormat W3C with ETW target Details IIS introduces a new logging method. Administrators can now send logging information to Event Tracing for Windows (ETW). Rationale:...
Ensure ‘forms authentication’ require SSL – Applications Details Forms-based authentication can pass credentials across the network in clear text. It is therefore imperative that the traffic between...
Ensure ‘forms authentication’ require SSL – Default Details Forms-based authentication can pass credentials across the network in clear text. It is therefore imperative that the traffic between...