08-11-2005, 10:34 AM
|
|
Newbie
|
|
Join Date: May 2005
Location: North VA
Posts: 29
|
|
Learn to configure windows 2003 into a web server?
I'm about to get my windows 2003 deticated server and i need to know how to make it into a web server. It is unmanaged so that is why i need to learn how to. My site will run off mySQl. Please post any links that show you how to do this and secure your windows server. There is nothing in Dedicated Server Tutorials. thanks
|
08-11-2005, 10:50 AM
|
|
Managed Hosting Expert
|
|
Join Date: Jan 2004
Location: North Yorkshire, UK
Posts: 4,163
|
|
It's pretty simple, install IIS, change a few settings, install MySQL and you're done. Configure your firewall, install some antivirus, run Windows Update, and you're done really.
If you're in doubt about the security of your box always consult someone who really knows what they're doing ...
__________________
█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).
|
08-11-2005, 11:24 AM
|
|
Newbie
|
|
Join Date: May 2005
Location: North VA
Posts: 29
|
|
i know this might been dumb but where do u get IIS from
|
08-11-2005, 11:42 AM
|
|
Newbie
|
|
Join Date: Jun 2005
Location: Chicago
Posts: 10
|
|
It's on the Win2k3 CD. There should be a one click option from "Manage Your Server" in the start menu (or Administrative Tools) to turn it into a Web server.
Before you do anything, though, make sure Service Pack 1 is installed and the firewall is enabled.
|
08-11-2005, 12:32 PM
|
|
Carpe Diem
|
|
Join Date: Jul 2003
Location: Connecticut
Posts: 3,038
|
|
You might need the I386 directory to install some components. Have your server provider put a copy of the files on your machine for you if they aren't there already.
|
08-11-2005, 12:42 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Oct 2004
Posts: 69
|
|
Start > Settings > Control Panel > Add or Remove Programs > Add/Remove Windows Components > Applications Server > Details
|
08-11-2005, 01:51 PM
|
|
Managed Hosting Expert
|
|
Join Date: Jan 2004
Location: North Yorkshire, UK
Posts: 4,163
|
|
Quote:
Originally posted by factorx
i know this might been dumb but where do u get IIS from
|
No offence, but if you don't know this, you really need someone to get your server secured down, etc.
__________________
█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).
|
08-11-2005, 02:29 PM
|
|
Disabled
|
|
Join Date: Jan 2004
Location: Tampa FL
Posts: 2,302
|
|
Quote:
Originally posted by RazorBlue - Dan
No offence, but if you don't know this, you really need someone to get your server secured down, etc.
|
Don't most providers secure the box before they put it on the network , that would be a huge security risk for a network , I know we do this on every box that we install. Cuts down on reloads and other stuff that is a total pain in the butt for a provider.
|
08-11-2005, 07:04 PM
|
|
Managed Hosting Expert
|
|
Join Date: Jan 2004
Location: North Yorkshire, UK
Posts: 4,163
|
|
They're secured to the point that you can't get in, but once you install services such as a control panel, IIS, etc, etc you're opening potential security holes, and this is where you need to make sure all your permissions are set correctly, and unwanted traffic is blocked.
One thing tons of people seem to forget is AntiVirus, all someone needs to do is upload an infected EXE, and your server is messed up.
__________________
█ Dan Kitchen | Technical Director | Razorblue
█ ddi: (+44) (0)1748 900 680 | e: dkitchen@razorblue.com
█ UK Intensive Managed Hosting, Clusters and Colocation.
█ HP Servers, Cisco/Juniper Powered BGP Network (AS15692).
|
08-11-2005, 08:07 PM
|
|
Web Hosting Master
|
|
Join Date: Apr 2004
Posts: 1,830
|
|
Quote:
Originally posted by RazorBlue - Dan
all someone needs to do is upload an infected EXE, and your server is messed up.
|
WRONG, WRONG, WRONG WRONG WRONG.
This common misconception drives me NUTS. An exceutable cannot infect your machine by FTP'ing to the wwwroot/ under "normal" or "default" permissions.
__________________
█ Netrouting ▪ a.new.experience ▪ Since 2007
█ ☁ Cloud Hosting ▪ VPS ▪ Dedicated ▪ Colocation ▪ Connectivity
█ 100Gbps+ Capacity Worldwide! ▪ Amsterdam ▪ Stockholm ▪ Miami
█ www.netrouting.com ▪ Read our Blog ▪ Twitter @netrouting
|
08-11-2005, 08:11 PM
|
|
Web Hosting Master
|
|
Join Date: Apr 2004
Posts: 1,830
|
|
Quote:
Originally posted by HiVelocity
Don't most providers secure the box before they put it on the network , that would be a huge security risk for a network , I know we do this on every box that we install. Cuts down on reloads and other stuff that is a total pain in the butt for a provider.
|
Windows Server 2003 is installed in a "secure" manner, anyway. And any provider should provide SP1 and aplicable patches. This goes without saying.
The "securing" that the poster is talking about has nothing to do with how you deliver a server. Its the exploitations in applications that need securing.
There are people that make a fine living securing servers. I doubt that an ISP delivered box that is considered "secured" is what this subject is about.
__________________
█ Netrouting ▪ a.new.experience ▪ Since 2007
█ ☁ Cloud Hosting ▪ VPS ▪ Dedicated ▪ Colocation ▪ Connectivity
█ 100Gbps+ Capacity Worldwide! ▪ Amsterdam ▪ Stockholm ▪ Miami
█ www.netrouting.com ▪ Read our Blog ▪ Twitter @netrouting
|
08-11-2005, 11:30 PM
|
|
Web Hosting Master
|
|
Join Date: Mar 2005
Location: NY USA
Posts: 839
|
|
ANY provider who supplies Windows will install the OS and all critical updates before handing it off to the customer, and by default Windows 2003 is pretty much secure at that point. Just about any provider is going to copy the i386 folder over too, look for C:\i386 or C:\WindowsCD or something
But after you install IIS, it's by default not going to allow certain types of files to be downloaded, and certain types of scripts to be run, this is where people often open themselves up to disaster. Don't just indescriminently change permissions and allow scripts to be run, know what you need, and enable what you need for the sites you need them for.
There is lots of documentation out on the net for IIS, do some reading, there is also a forum dedicated to IIS with some experts on it. http://www.iis-resources.com They have been helpful to me in the past.
The Microsoft Baseline Security Analyzer is another good tool for checking best practices.
__________________
 EZZI.net - A Service of Access Integrated Technologies Inc
Running data centers, nationwide data network, and world-wide VoIP network.
http://www.EZZI.net sales@ezzi.net |
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
