Windows Server

Windows Server 2008 : Configuring IIS Security (part 7)

12/12/2010 9:05:38 AM
Configuring Handler Mappings

When you add the Web Server (IIS) role to Windows Server 2008, a default set of handler mappings are defined for the Web server and for the default Web site. New Web sites and Web applications are also configured with a default set of handler mappings. In addition, when you add role services to the Web Server (IIS) role, additional handler mappings might be added automatically to the configuration.

You can use IIS Manager to configure handler mappings. After you have connected to an installation of IIS, you must choose at which level you want to configure mappings. You can configure mappings at the following levels:

  • Web Server

  • Web Sites

  • Web Applications

  • Virtual Directories

  • Web Folders

Child items in the hierarchy automatically inherit handler mappings. For example, a child item automatically inherits the default handler mappings for a new Web application from the configuration of the parent Web site. Settings made at lower levels override the settings from higher levels. This enables a specific Web application to support a certain type of file content (such as ASP.NET pages) whereas other applications and the parent Web site might support only static content.

To view the handler mappings that are configured at a specific level, click the relevant object in the left pane of IIS Manager. Then, select Handler Mappings from the Features View in the center pane. Figure 13 shows the handler mappings that are defined for a Web site.

Figure 13. Viewing handler mappings for a Web site

The display includes information about all the handler mappings defined at the selected level. The name specifies information about the request handler itself. Examples include StaticFile and ASPClassic. Built-in handler mappings have default names, but administrators can provide names for new mappings when they are created. The Path column shows the specific request extensions for which the handler will be used.

The State column specifies whether the handler is enabled or disabled. If the handler is disabled, requests that match the mapping will not be processed. The Handler column specifies details about the program that is to be called. Finally, the Entry Type specifies whether the handler mapping is inherited from a parent object or is Local (defined directly for this object).

You can use the Group By drop-down list to view handler mappings based on different criteria. The Entry Type shows which settings have been inherited from parent objects and which handlers are configured directly for the selected object. The State grouping shows which handler mappings are enabled and which are disabled. These view options make it easy to determine the security attack surface for each component of the Web server.

Removing Handler Mappings

To secure your Web content, it is a good idea to remove any request handlers that you know will not be required when running in production. To remove a handler mapping, click it, and then select the Remove command from the Actions pane. After a handler is removed, requests for the types of content that it handled will not be processed. For example, Figure 14 shows the result that is returned to a local Web browser when the StaticFile request handler has been removed for the Web application. In this case, the request file (default.htm) is present in the Web application folder. However, because no request handler is available for the .htm file extension, the request cannot be processed. To the requester, it appears that the file does not exist.

Figure 14. A detailed request handler error page

Other -----------------
- Windows Server 2008 Server Core : Performing Server Updates
- Windows Server 2008 Server Core : Deciding How to Perform Maintenance
- Windows Server 2008 Server Core : Performing Application Installations
- Configuring Internet Information Services (part 7)
- Configuring Internet Information Services (part 6) - Migrating From IIS 6.0
- Configuring Internet Information Services (part 5) - Managing Web Server Configuration Files
- Configuring Internet Information Services (part 4)
- Configuring Internet Information Services (part 3) - Understanding Web Applications
- Configuring Internet Information Services (part 2) - Creating and Configuring Web Sites
- Configuring Internet Information Services (part 1) - Working with IIS Management Tools
- Windows Server 2008 : Installing the Web Server Role (part 9) - Using Windows System Resource Manager
- Windows Server 2008 : Installing the Web Server Role (part 8)
- Windows Server 2008 : Installing the Web Server Role (part 7)
- Windows Server 2008 : Installing the Web Server Role (part 6)
- Windows Server 2008 : Installing the Web Server Role (part 5)
- Windows Server 2008 : Installing the Web Server Role (part 4)
- Windows Server 2008 : Installing the Web Server Role (part 3)
- Windows Server 2008 : Installing the Web Server Role (part 2)
- Windows Server 2008 : Installing the Web Server Role (part 1)
- Windows Server 2008 : Recovering Role Services and Features (part 4)
- First look: Apple Watch

- 10 Amazing Tools You Should Be Using with Dropbox

- Sigma 24mm f/1.4 DG HSM Art

- Canon EF11-24mm f/4L USM

- Creative Sound Blaster Roar 2

- Alienware 17 - Dell's Alienware laptops

- Smartwatch : Wellograph

- Xiaomi Redmi 2
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8