|
Home > Archive > IIS Server Security > July 2004 > Trimming down App. Mappings in IIS 6.0
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Trimming down App. Mappings in IIS 6.0
|
|
|
| I'm trying to find explanation for the application mappings
which get installed with IIS 6.0 and .net framework.
Which ones do we really need to keep if we are primarily using asp and aspx
(.Net)?
I would like to hear from the IIS admins if it's a good practice to trim
down the application mappings or leave them whatever IIS 6.0 sets up since
it is supposed to be secured to start with?
Appreciate your time.
..htw, .ida, .idq, .asp, .cer, .cdx, .asa, .idc, .shtm, .shtml, .stm,
..net:
=====
..asax
..ascx
..ashx
..asmx
..aspx
..axd
..vsdisco
..rem
..soap
..config
..cs
..csproj
..vb
..vbproj
..webinfo
..licx
..resx
..resources
Thanks,
Paul
| |
| Bernard 2004-07-27, 8:55 pm |
| Yes,it is always good practice to remove unused application mapping.
For asp, you only need asp and asa
For .net list, if you are sure you won't be using .asmx, you can remove it
as well.
so based on your application design, you should disabled those unneeded
extension.
Part of Urlscan installation, is to remove application mapping and map
unused extension to 404.dll
--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/
"PaulT" <pthakur@apsc.com> wrote in message
news:O7GYjSCdEHA.1604@TK2MSFTNGP11.phx.gbl...
> I'm trying to find explanation for the application mappings
> which get installed with IIS 6.0 and .net framework.
>
> Which ones do we really need to keep if we are primarily using asp and
aspx
> (.Net)?
>
> I would like to hear from the IIS admins if it's a good practice to trim
> down the application mappings or leave them whatever IIS 6.0 sets up since
> it is supposed to be secured to start with?
>
> Appreciate your time.
>
> .htw, .ida, .idq, .asp, .cer, .cdx, .asa, .idc, .shtm, .shtml, .stm,
>
> .net:
> =====
> .asax
> .ascx
> .ashx
> .asmx
> .aspx
> .axd
> .vsdisco
> .rem
> .soap
> .config
> .cs
> .csproj
> .vb
> .vbproj
> .webinfo
> .licx
> .resx
> .resources
>
> Thanks,
> Paul
>
>
| |
| Paul Lynch 2004-07-28, 2:59 am |
| On Tue, 27 Jul 2004 14:56:56 -0700, "PaulT" <pthakur@apsc.com> wrote:
>I'm trying to find explanation for the application mappings
>which get installed with IIS 6.0 and .net framework.
>
>Which ones do we really need to keep if we are primarily using asp and aspx
>(.Net)?
>
>I would like to hear from the IIS admins if it's a good practice to trim
>down the application mappings or leave them whatever IIS 6.0 sets up since
>it is supposed to be secured to start with?
>
>Appreciate your time.
< SNIP >
Paul,
Have a look at this list, it might help you decide what to do :
http://www.iisfaq.com/Default.aspx?tabid=2552
Regards,
Paul Lynch
MCSE
|
|
|
|
|