Technology with opinion

Wednesday, September 07, 2005

Best Practices: IIS

  1. Create entirely separate web sites for each ‘Solution’ or ‘Project’ that is deployed to your web server. Do not put all web sites beneath the ‘Default Web Site’ and ‘wwwroot’
  2. Document and then modify the NTFS permissions of your web root directories as needed by your web site
  3. Use HTTP Header to host multiple web sites on one server/environment
  4. Do not install Front Page extensions on a web server


Haven said...

I was wondering why you would suggest not using Frontpage extensions on a webserver?

Scott White said...

There are just more exploits for IIS if you have FrontPage installed. I realize that it may be required for Sharepoint and some other services, but it's one of those things that I feel that if you don't need it than don't install it.