Abstract: Since web servers typically serve as the public face of an organization, they are a frequent target of attacks. For this reason, web server security is essential. Microsoft's Internet Information Services (IIS) web server includes a Request Filtering module that can filter HTTP requests in order to reduce a web server's attack surface. This document provides guidance on how to use Request Filtering to better secure IIS web servers through a strategy of HTTP and WebDAV verb whitelisting.
Date Published: 18 May 2017
Last Reviewed: 18 May 2017
Creator: Vulnerability Solutions
Dissemination Control: N/A
Length: 13 page(s)