How to Secure the Microsoft Web Platform

by Tali Smith

Security is always a consideration; it is critical to make careful security considerations when you implement and maintain your Web sites, infrastructure, and applications. Internet Information Services 7 (IIS 7) and above offers many ways to configure security, including dynamic IP restrictions, application pool identities, and Secure Sockets Layer (SSL). IIS also provides a comprehensive set of authentication and authorization features that can be used to create the desired access control scheme for PHP applications without writing any custom code. You can use features such as Forms Authentication, Role Manager, and URL Authorization to quickly deploy access control solutions that are easily manageable through IIS Manager and other tools.

The following articles provide guidance: