3 Replies Latest reply on Jul 3, 2012 10:52 AM by mat.kordell

    EMM Proxy IIS

    redbaron51

      Hi all,

       

      We have the enahnced setup configured on our network, with the Proxy VM in the DMZ and the Hub VM in the internal network.

       

      We do security scan on our network and noticed that the Welcome Page of the default website (where EMM installs) appears when you browse via public IP or friendly name.

       

      I am wondering how we can get around and disable this, so nothing is displayed.

       

      Help is appreciated.

        • 1. Re: EMM Proxy IIS

          Hi, you can stop the "DefaultAppPool" in the IIS settings.

          This should solve your problem.

          Regards

          Roland

          • 2. Re: EMM Proxy IIS
            redbaron51

            Hi Roland,

             

            I still have not tried your suggestion...

             

            reply from McAfee support:

             

            "...I checked that DefaultAppPool should not be stopped...."

             

            "....delete iisstart.htm or remove it from the list of acceptable default  Web pages in the Default Website. Also it is related to IIS and beyond the scope of our product ..."

             

            I had already renamed iisstart.htm and it displays a 404 access denied; however from a hackers' point of view they still will know that a webserver is running on that IP/name. Furthermore after renaming the iisstart.htm file log files of over 4Gb in size have been created on W3SVC1 folder.

            • 3. Re: EMM Proxy IIS
              mat.kordell

              Well you need https available from the outside for everything to work properly so you can't disable that but as for blocking the insecure http page, is it not acceptable to leave everything at the defaults and block port 80 on the firewall from the internet and internal zones?