Re: How to close on IIS any port except 443?

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Ken Schaefer (kenREMOVE_at_THISadopenstatic.com)
Date: 11/16/04

Next message: Ken Schaefer: "Re: PKI / SSL"
Previous message: Ken Schaefer: "Re: Cannot set wildcard script mapping in XP Pro IIS 5.1"
In reply to: Evgeny Zoldin: "Re: How to close on IIS any port except 443?"
Next in thread: Jeff Cochran: "Re: How to close on IIS any port except 443?"
Messages sorted by: [ date ] [ thread ]

Date: Tue, 16 Nov 2004 22:06:15 +1100

In IIS Manager, tick the box that says "require SSL". That still leaves port
80 open, but anyone connecting will get an error attempting to connect.

Otherwise, other options are:
a) firewall/router (either software on the box -or- hardware device. If
you're behind a router, do not configure a route for HTTP traffic). If
you're behind a NAT device, do not configure port forwarding for port 80

b) IPSec rules:
http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.mspx
Using IPSec to Lock Down a Server

Cheers
Ken

"Evgeny Zoldin" <zoldin@hotmail.com> wrote in message
news:ue9Q6j1yEHA.3120@TK2MSFTNGP12.phx.gbl...
> Hi,
>
> thanks for advice, but it is not clear how to bind site to port 443 only,
> because IIS does not allow TCP Port (Properties of Default Web Site-> tab
> Web Site) either to be either empty or to contain the same value that
> assigned to SSL Port :-(
>
> Evgeny
>
> "Jeff Cochran" <jeff.nospam@zina.com> wrote in message
> news:419c13c6.1471670810@msnews.microsoft.com...
>> On Mon, 15 Nov 2004 21:13:51 +0100, "Evgeny Zoldin"
>> <zoldin@hotmail.com> wrote:
>>
>>>I would configure ISS 5.1 for some secure WEB application so, that only
>>>one
>>>port 443 will remain opened. But how can I do port 80 and all others to
>>>be
>>>unaccessible from Internet?
>>
>> Obvious answer: Don't open them in your firewall.
>>
>> Less obvious: Bind your site to only port 443.
>>
>> You will of course have trouble with users who try http:// instead of
>> https:// to your site.
>>
>> Jeff
>
>

Next message: Ken Schaefer: "Re: PKI / SSL"
Previous message: Ken Schaefer: "Re: Cannot set wildcard script mapping in XP Pro IIS 5.1"
In reply to: Evgeny Zoldin: "Re: How to close on IIS any port except 443?"
Next in thread: Jeff Cochran: "Re: How to close on IIS any port except 443?"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

TCP connection to MAC address
... I have a hardware device which requires the this procedure to set it's ... Basically it looks like creating a TCP connection on port 1, ... MAC address instead of IP address, then a normal TCP connection on port ... 80 to do an HTTP POST and set the IP address. ...
(microsoft.public.dotnet.languages.csharp)
Re: Serial Input - 115kbaud stream
... > I am catching data from a hardware device which talks only at 115k. ... > device streams data pretty much all the time. ... that I am getting a File I/O error on the comm. ... around the read from the com port and then to ...
(comp.lang.tcl)
Re: missing com ports??
... The hardware device that you see in device manager is most likely a USB controller or "root hub", not an RS-232 port. ... You would normally have to go to the Toshiba web site and get all of the necessary drivers, and install them. ...
(comp.sys.laptops)
RE: Networked printers
... Install the driver as a local, hardware device (LPT1 or TCP/IP) and then ... change the port. ...
(microsoft.public.windowsxp.network_web)
Re: Epson Stylus Photo 825 Printer port
... >>that came with the printer does not say anything about this ten pin ... Now my problem is how do I connect the printer to standard TV ... >>from this port? ... > It was a hardware device that enabled you to view digital camera files ...
(sci.electronics.repair)