loading...

Microsoft IIS 10.0 – Configuring security on IIS 10.0

How to check for updates on Windows Server 2019

In this recipe, we will configure IIS Manager permissions and IIS Manager users. We will also configure the machine key.

Getting ready

We require an up-and-running IIS 10.0 instance. Security components should be installed. You should have administrative privileges.

How to do it…

  1. Log in to Windows Server 2016 with an account with administrative privileges.
  2. Open Server Manager from the Start menu or use the search window to find it.
  3. Go to Tools | IIS Manager. Click on IIS server WIN2016IIS, go to Features View, and open IIS Manager Users, as shown here:
  1. You can add the new IIS user from IIS Manager Users (these are different from Windows users). Let’s move to IIS Manager Permissions. Expand the IIS server WIN2016IIS, expand the Sites folder, click on mysite.com, go to Features View, and open IIS Manager Permissions:
  1. Go to the Actions pane, and click on Allow User…. IIS Manager permissions are used to allow users or user groups on the local computer to manage a website. Let’s select mysite.com. Once you click on Allow User from the Actions pane, you will get the Allow User… window:
  1. Click on the Select… option. You will get the Select User or Group window, as shown in the following screenshot:
  1. Here, we will search for and select Windows Server users. I want to select the administrator user, so I type Administrator and click on the OK button. You can see that the administrator user has been selected:
  1. We have selected WIN2016IIS\Administrator (<local server name>\<username>). Click on OK . You can see in the IIS Manager Permissions pane that the administrator user has permission for mysite.com:
  1. This action specifies that only allowed users can access your website. Let’s move to the machine key.
  2. Go to the WIN2016IIS IIS server and click on WIN2016IIS. Go to Features View and select Machine Key, as shown here:
  1. Go to the Actions pane, click on Open Features, and click on Encryption Method. You will see that we have several options we can select. We will keep it at the default of Auto:
  1. The Machine Key is what we use to apply the configuration settings on the IIS server. Machine key configuration settings will have an effect on the IIS server level. Now, click on the Validation method drop-down menu. You have a list of validation methods available. We will select the default one, as shown here:

You can use the type of method and encryption you require.

How it works…

In this recipe, we configured and checked the IIS Manager permission, and we added the Windows user for IIS Manager permissions. We checked the IIS Manager user and also configured the machine key.

Comments are closed.

loading...