Add security to IIS Web Server

Question

I'm developing some web site that run on IIS 7 and can connect to SQL server via php. The problem is I think its not safe because everyone that know my public IP address can freely access my site (the site is not for public, but I need it to be accessible to some people). How can I add security to this website of mine?

I have search for some type of security like authentication in IIS, but I don't know what should be used. Can I just add id and password like when we try to open page for configure router (192.168.0.1) .

score 0 · Answer 1 · edited May 23 '17 at 12:15

0

You can easily disable anonymous authentication and enable basic authentication in IIS 7 using IIS manager.

Here is a Technet link and an SO post with details:

edited May 23 '17 at 12:15

Community

1
1

answered Dec 03 '15 at 08:37

Matt Evans

7,113
7
32
64

score 0 · Answer 2 · answered Dec 03 '15 at 08:42

Is it a standalone server or do you run the IIS server on a desktop? If your the only one who should access your site you could also use Intergrated windows authentication (IWA). IWA is a feature of the IIS Server, so if you wan't to use is you should enable it first.

Add security to IIS Web Server

2 Answers2