Forum Discussion

olkipolki's avatar
olkipolki
Copper Contributor
Oct 18, 2023

IIS Hardening issues

Hello, we need to fix these IIS hardening issues. Is it allowed to set these without break sharepoint functionality?  and how should i set/fix these?  1. Ensure 'host headers' are on all sites ...
admin
IIS bindings
SharePoint On Premise
LuigiBruno's avatar
LuigiBruno
Iron Contributor
Oct 18, 2023

Hello olkipolki.

 

I would avoid touching those IIS settings: as an example, you can control the file types uploaded to SharePoint via the web application configuration from the Central Administration; on the other side, you shouldn't adjust allowed verbs in IIS unless strictly necessary for some specific reason (e.g.: custom code).
You can perform some tests after taking a backup of the sites that would be affected by the changes in IIS settings, for you to be able to restore the previous configuration in case of any error.

 

Bye.

olkipolki's avatar
olkipolki
Copper Contributor
Oct 19, 2023

LuigiBruno Thanks for your reply. What do you think about the other two settings 1. host headers, 3. HSTS Header? for the HSTS header settings i'
ve found this powershell script. is it viable/recommended to set it this way for Sharepoint 2016?

$wa = Get-SPWebApplication https://sharepoint.example.com
$wa.HttpStrictTransportSecuritySettings.IsEnabled = $true
$wa.Update()

thanks

 

Resources