Today we are going to share a couple of quick and easy ways to help prevent your Windows IIS server from being exposed to potential hazards and improve your penetration test scores. These are just some basic measures to cover to be proactive and defensive in your strategy.
First off, with a few simple steps you can hide the server and framework branding that IIS exposes in its response headers to anyone inspecting your server, which addresses the following findings.
As reported by our penetration test tool below:
Server information header exposed. Vulnerabilities can be uncovered more easily (Website Security, 1 / 1 domain/IP). Exposing information about the server version increases the ability of attackers to exploit certain vulnerabilities. The website configuration should be changed to prevent version information being revealed in the 'server' header.
X-Powered-By header exposed. Vulnerabilities can be uncovered more easily (Website Security, 1 / 1 domain/IP). The X-Powered-By header reveals information about specific technology used on the server. This information can be used to exploit vulnerabilities. The server configuration should be changed to remove this header.
You can add these three entries to your project's web.config file (inside the <system.webServer> section, within the <rewrite> element's <outboundRules> section, which requires the IIS URL Rewrite module) to address these vulnerabilities.
    <!-- A Rewrite action with no value replaces the matched header value with an empty string -->
    <rule name="outbound-rule-1">
        <match serverVariable="RESPONSE_SERVER" pattern=".*" />
        <action type="Rewrite" />
    </rule>
    <rule name="outbound-rule-2">
        <match serverVariable="RESPONSE_X-POWERED-BY" pattern=".*" />
        <action type="Rewrite" />
    </rule>
    <rule name="outbound-rule-3">
        <match serverVariable="RESPONSE_X-ASPNET-VERSION" pattern=".*" />
        <action type="Rewrite" />
    </rule>
And while you are in there you can add another entry to the same section to address the following:
HTTP Strict Transport Security (HSTS) not enforced. Susceptible to man-in-the-middle attacks (Website Security, 1 / 1 domain/IP). Without HSTS enforced, people browsing this site are more susceptible to man-in-the-middle attacks. The server should be configured to support HSTS.
    <!-- Only add the header on HTTPS responses; browsers ignore HSTS delivered over plain HTTP -->
    <rule name="Add the STS header in HTTPS responses">
        <match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
        <conditions>
            <add input="{HTTPS}" pattern="on" />
        </conditions>
        <action type="Rewrite" value="max-age=31536000" />
    </rule>
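To confirm the rules took effect after deployment, the following added example (not code from the original post or from the scanning tool) audits a raw HTTP response for the four findings listed above; the sample responses, header values and the `audit_raw` helper are constructed for illustration.

```python
"""Audit an HTTP response for the header findings a scanner reports on IIS.

Checks: Server, X-Powered-By and X-AspNet-Version must not carry a value,
and HTTPS responses must carry Strict-Transport-Security with a max-age
of at least one year (the value used in the web.config rule).
"""
import re
from typing import Dict, List

HSTS_MIN_MAX_AGE = 31536000  # one year, matching the rewrite rule's value


def parse_headers(raw_response: str) -> Dict[str, str]:
    """Return the response headers as a dict keyed by lower-cased name."""
    head = raw_response.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def audit_headers(headers: Dict[str, str], https: bool) -> List[str]:
    """Return a list of findings; an empty list means every check passed."""
    findings: List[str] = []
    # A blanked header (empty value) is treated as removed, like the Rewrite rule produces.
    for name in ("server", "x-powered-by", "x-aspnet-version"):
        if headers.get(name):
            findings.append(f"{name} header exposed: {headers[name]}")
    if https:  # the HSTS rule only fires when {HTTPS} is on, so only check HTTPS responses
        hsts = headers.get("strict-transport-security", "")
        match = re.search(r"max-age=(\d+)", hsts, re.IGNORECASE)
        if not match:
            findings.append("HSTS not enforced: Strict-Transport-Security missing")
        elif int(match.group(1)) < HSTS_MIN_MAX_AGE:
            findings.append(f"HSTS max-age too short: {match.group(1)}")
    return findings


def audit_raw(raw_response: str, https: bool = True) -> List[str]:
    """Convenience wrapper: parse a raw response, then audit its headers."""
    return audit_headers(parse_headers(raw_response), https)


# Constructed sample responses: before and after applying the outbound rules.
BEFORE = ("HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/10.0\r\nX-Powered-By: ASP.NET\r\n"
          "X-AspNet-Version: 4.0.30319\r\nContent-Type: text/html\r\n\r\n<html>")
AFTER = ("HTTP/1.1 200 OK\r\nServer: \r\nStrict-Transport-Security: max-age=31536000\r\n"
         "Content-Type: text/html\r\n\r\n<html>")

if __name__ == "__main__":
    print("before:", audit_raw(BEFORE))  # four findings
    print("after:", audit_raw(AFTER))    # []
```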
We hope these simple tips help you to secure your server environments for you or your customers. If you have any other questions or want to learn more about the Microsoft Azure Cloud please contact us today!