Article ID: 254355
This article was previously published under Q254355
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspxFor more information about IIS 7.0, visit the following Microsoft Web site:
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
When a user attempts to remotely connect to the IISADMIN virtual directory (or possibly some other administrative share) of either the default Web site or the Administrative Web site on an Internet Information Services Server 4.0 or Internet Information Services 5.0 server, the connection fails, and the following error message appears in the browser:
Access to Internet Services Manager (HTML) is restricted to Localhost
The reason for this error is that permissions for that virtual directory, by default, restrict access to only those persons actually logged on to the local computer, not people connecting across the network.
Permissions to this folder (or any administrative virtual directory) should not be adjusted without great care because they can allow a high degree of control over the Web Server.
NOTE: You are strongly discouraged from changing these attributes because of the security implications.
You can use this procedure too allow or change access to the IISADMIN directory:
Another way that you can delegate permissions is to make a copy of the IISADMIN Web site and place it into the directory structure of the Web sites that are being hosted on this server. This allows the administrator to delegate control to some other person. Again, the Directory Security must be amended to open up access beyond the local computer.