Ensure Default IIS web log location is moved
Details IIS will log relatively detailed information on every request. These logs are usually the first item looked at in...
- Home
- Security Hardening
- CIS IIS 8.0 V1.5.0 L1
CIS IIS 8.0 V1.5.0 L1
Ensure ‘deployment method retail’ is set
Details The switch is intended for use by production IIS servers. This switch is used to help applications run with...Ensure ‘directory browsing’ is set to disabled
Details Directory browsing allows the contents of a directory to be displayed upon request from a web client. If directory...Ensure Double-Encoded Requests will be Rejected – Applications
Details This Request Filter feature prevents attacks that rely on double-encoded requests and applies if an attacker submits a double-encoded...Ensure Double-Encoded Requests will be Rejected – Default
Details This Request Filter feature prevents attacks that rely on double-encoded requests and applies if an attacker submits a double-encoded...Ensure ‘Dynamic IP Address Restrictions’ is enabled
Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDos attacks. This is complimentary to the IP...Ensure ‘Dynamic IP Address Restrictions’ is enabled – Deny By Conccurent Requests
Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDos attacks. This is complimentary to the IP...Ensure ‘Dynamic IP Address Restrictions’ is enabled – Deny By Request Rate
Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDos attacks. This is complimentary to the IP...Ensure ‘Dynamic IP Address Restrictions’ is enabled – Not Logging Only Mode
Details IIS Dynamic IP Address Restrictions capability can be used to thwart DDos attacks. This is complimentary to the IP...Ensure ‘ETW Logging’ is enabled
Details IIS introduces a new logging method. Administrators can now send logging information to Event Tracing for Windows (ETW). IIS...