Whitelisting Windows IIS and WebDAV Traffic

Abstract: Since web servers typically serve as the public face of an organization, they are a frequent target of attacks. For this reason, web server security is essential. Microsoft's Internet Information Services (IIS) web server includes a Request Filtering module that can filter HTTP requests in order to reduce a web server's attack surface. This document provides guidance on how to use Request Filtering to better secure IIS web servers through a strategy of HTTP and WebDAV verb whitelisting.

Date Published:

Last Reviewed: 18 May 2017

Creator: Vulnerability Solutions

Dissemination Control: N/A

Length: 13 page(s)

Format: pdf

Type: Reference/Overview; Report

Tags: Microsoft; Internet Information Services (IIS); HTTP; Request Filtering; web server; Traffic