Securing Access Control in Internet Information Services (IIS) 7 , Anonymous Web Server Access, IUSER accout

Internet Information Services (IIS) 7 uses a named user account to authenticate anonymous web site visitors.  This account on Internet Information Services (IIS) 7 server is created when you install Internet Information Services (IIS) 7 on Windows Operating System. The used account which is used to authenticate anonymous web site visitors to Internet Information Services (IIS) 7 web site is called IUSER_<computer_name>. This user account is visible when you open Local Users and Groups node in Server Manager, as shown below.

When a Web visitor accesses a Web site, the Internet Information Services (IIS) 7  will automatically logs that user on using the IUSER_<computer_name> account. This method of authenticate anonymous web site visitors using the IUSER_<computer_name> account allows system administrators granular access control on a Web server so that all anonymous users have the same level of access. This also allows the users who accessing the web site through their own user accounts for another level of access.

The access permissions of the web user accounts for anonymous logins should be restricted to the lowest level, so they cannot log on locally to the server nor access any resource outside the root of the web site.

IUSER_<computer_name> account ideally should not have the permission to write server hard disk or execute programs on server. If there is a need for other user accounts to grant certain users a higher level of access permission than the anonymous IUSER_<computer_name> account, administrator should create user accounts in server only to access the web site. Internal user accounts should not be used to login to the web server. It is a great threat to security if internal users, who can logon locally to internal machines, are exposed outside.