We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

View Complete Thread
  • Re: is IIS password authentification secure?

    Mar 30, 2021 07:23 PM|lextm|LINK

    icram

    If I only publish the SSL site to Internet and prevent anonymous acces and activate basic authentification, is that enough? (Server2019)

    HTTPS + Basic authentication can only solve part of the security challenge, but they are far from enough.

    You still need much more measures (especially related to the site itself, like web framework/code) in order to achieve better security.

    Hire a security consultant so that he/she can help you out.

    Lex Li
    Want to have a chat on the issues you meet? Book an appointment at https://buy.stripe.com/cN24ia0yi7sAdIA7sv
    ---------------------------
    This posting is provided "AS IS" with no warranties, and confers no rights.