IIS Security

Running as an administrator, I can retrieve the account password stored by IIS for any application pool (using the WAMUserPass property).  But, unsurprisingly, an ASP.NET application running inside an application pool that is does not have administrator privileges ...

The application is a pair of ISAPI dlls running under IIS which in turn call some COM components, etc... They are set as high isolation in the IIS admin settings. This issue I saw when setting up our stuff on ...

Hi all, I'm having an issue with Web Folders and Integrated Authentication. Basically I've an IIS 6 website setup that contains some web folders. Inside the web folders are a collection of file types including Office documents, text files and images.  The website is setup to use ...

I had a scan done to my server and this came up. "Microsoft Internet Information Server Hit Highlighting Authentication Bypass Vulnerability" The suggested fix is to upgrade to IIS6.0 , I can't because it's Win2000 std svr, it also says to disable the indexing service.. How do I do this? ...

sennder en prøve svar tilbake på    N   O  R  S  K  !!!!!! ...

I want to use an application which enables 2 factor authentication on IIS websites i.e([link]). Unfortunately I'm already using a portal application which does not run on IIS but am interested to protect via ...

I have a wildcard ssl that most of my sites use.  I need to add a site that doesn't fit the wildcard naming scheme.  I have read that I need a unique IP address for the site so the users will be given the right ssl cert when they ...

Currently we have our web server compleley locked down by only allowing the web server to get out to needed websites by adding a rule to the router/firewall acl.  I can't seem to find a way to allow access to microsoft ...