hi,
1)Can we disable http options method for IIS?
Ans : Yes, in IIS under 'Request Filtering' --> HTTP Verbs --> OPTIONS Verb may be denied. This will not affect application functionality.
2)Can IIS default welcome page be removed?
Ans : Yes, you can delete this IIS default welcome page: C:\inetpub\wwwroot\iisstart.htm
3)Can we disable weak ciphers on application server?
Ans : Our application uses TLS 1.2 which is a secure protocol currently.
Yes, you can disable other weak ciphers after consulting with your IT/security team.
Sep 05, 2019 11:06 PM
Hi @khanhvd21 ,
In order to assist you further could you please outline your request in more detail?
It appears you have already posted the answers below each of the respective questions.
Sep 09, 2019 02:00 AM