Isolate applications in IIS 5.0 Isolation Mode
In IIS Manager, expand the local computer, expand the Website folder, right-click the application you want to quarantine, and then click Properties.
Click the Home Directory, Virtual Directory, or Directory tab (depending on the application). If you are in a directory listed as the Start Location directory, the Application Name box is filled in.
From the Execution Permissions list box, click the corresponding process options.
Click OK. Before creating a separate process, the web server completes any current processing of the application request. In the next request to the application, the application will run in the corresponding memory space.
Note The server-side application including Files (SSI) and Internet Database Connector (IDC) cannot run in memory space outside the Web server.
How to get and back up an SSL certificate
A Secure Sockets Layer (SSL) certificate contains information used to establish an identity over the network, which is called authentication. As common forms of verification, certificates enable web servers and users to work with each other before establishing a connection.
The "Server Certificate" contains information about the server, which allows the client to confirm the server before sharing sensitive information. The "Client Certificate" contains personal information about the customer requesting access to the site and can be correctly identified before allowing them to access the site.
This topic is limited to obtaining, installing, and backing up server certificates. For information about obtaining client certificates, see Obtaining client certificates.
There are two ways to obtain server certificates. You can issue your own certificate or get it from a certificate authority.
Important: You must be a member of the Administrators group on the local computer or must be delegated with the appropriate permissions to perform the following steps. As a best practice for security, log in to your computer using an account in a non-Administrators group and use the Run As command to perform this step as an administrator.
Publish your own server certificate
Use Microsoft Certificate Services 2.0 to create a custom service to publish and manage certificates. You can create server certificates for the Internet or corporate intranet so that the company has full control over the certificate management policy. For more information, see Microsoft Certificate Services Help.
-or-
Use the Web Server Certificate Wizard to request and install the server certificate.
Obtain server certificate from certificate authority
Find a certificate authority that provides services that meet your company's business needs and request a server certificate.
-or-
Use the Web Server Certificate Wizard to create a certificate request that you can send a certificate request to a certificate authority.
After the certificate has been processed and returned to you, use the Web Server Certificate Wizard to install the certificate.
It is important to protect certificates and keys; they must be backed up to disk and saved in a safe place.
Create a backup copy of the server certificate and private key
Find the correct certificate store. This is usually the local computer storage location in the certificate manager.
If you do not install Certificate Manager in the Microsoft Management Console (MMC), you need to install it.
Right-click the certificate in the Personal Storage location, point to All Tasks, and then click Export.
Select Yes, export private key.
Follow the default settings in the wizard and when prompted, type a password for the certificate backup file.
Do not select "Delete key if export succeeds" as this will disable the current server certificate.
Complete the wizard to export a backup copy of the server certificate.
If you have already installed Certificate Manager in the MMC, it points to the correct local computer certificate storage location.
Add Certificate Manager to MMC
From the Start menu, click Run.
In the Open box, type mmc, and then click OK. "Microsoft Management Console" appears.
On the File menu, click Add/Remove snap-in.
On the Standalone tab, click Add.
From the Available Standalone snap-ins list box, click Certificate, and then click Add.
Click the Computer Account option, and then click Next.
Click the Local Computer (the computer running this console) option, and then click Finish.
Click Close, and then click OK.
How to back up and restore configuration databases
IIS administrators can use IIS Manager or programmatic management scripts to create backup files. A backup file refers to a copy of the configuration database configuration file () and the matching configuration database schema file (). Use the backup and restore function of the configuration database configuration to restore the configuration database from the backup file.
Important: You must be a member of the Administrators group on the local computer or must be delegated with the appropriate permissions to perform the following steps. As a best security practice, log in to the computer using an account that does not belong to the Administrators group, and then run IIS Manager as an administrator using the Run As command. At the command prompt, type runas /user:administrative_accountname "mmc %systemroot%\system32\inetsrv\".
Create a secure backup (password required)
In IIS Manager, right-click the local computer, point to All Tasks, and then click Backup/Restore Configuration.
Click Create Backup.
In the Configure Backup Name box, type a name for the backup file.
Select the Encrypt backup with password check box, type the password in the Password box, and then type the same password in the Confirm Password box.
Click OK, and then click Close.
Create an unprotected backup (no password required)
In IIS Manager, right-click the local computer, point to All Tasks, and then click Backup/Restore Configuration.
Click Create Backup.
In the Configure Backup Name box, type a name for the backup file.
Click OK, and then click Close.
Restore configuration database backup
Previous page123Next pageRead the full text