Is there is a folder named inetpub on your C drive? If there is, then do you know what it is? If you don’t know, then you should read this post carefully. In this post, MiniTool will tell you what the inetpub folder is and how it works.

There are several folders that exist on your computer, such as System32 and $WINDOWS.~BT, and this post is mainly talking about the inetpub folder. Now let’s take a look at the inetpub folder.

Definition of the Inetpub Folder

What is inetpub folder? It is a folder that contains the website content and web apps. The website content and web apps are kept organized and secure in this folder. What’s more, it is the default folder for Microsoft Internet Information Services (IIS). IIS also allows multiple domains to be provided from an inetpub folder.

the inetpub folder

Related post: How To Check IIS Version On Windows 10/8/7 Yourself

How Does the Inetpub Folder Work?

The inetpub folder is located in the C drive and possesses 5 subfolders, which has been listed below:

  • Adminscripts, the home of administration scripts, allows you to automate server administration tasks and remotely administer websites provided from inetpub folder.
  • Iissamples contains sample applications that enable developers to understand how websites and web applications work. The content is only for demonstration purposes. Using any sample site on a running IIS Web server puts the computer at risk.
  • Mailroot and its associated subfolders are used to handle mail SMTP services.
  • Scripts contains web applications that add functionality to websites.
  • Wwwroot contains all web pages and content that will be published on the web. This is the default directory for publishing web pages.

Advantages of Developing a Site in the Inetpub Folder

The IIS Web server enables developers to serve websites from any location on the computer. By keeping the website in the inetpub subfolders, the files only have proper access rights, and the website can be properly protected.

Like many Windows products, there is an active community of developers who hate to use IIS as a web server. They tend to use Apache – an open-source web server.

But developers using IIS believe that it is much easier to start and set up websites than to use Apache. Then, after learning how to build and manage websites on IIS, developers often stick to their knowledge.

And because IIS is a Microsoft product, Microsoft is willing to invest a lot of resources to develop the IIS Web server, protecting the host computer and providing support to solve the problem. There is also a fairly large community of developers who can help each other solve any problems.

Developers and third-party vendors also have a wide range of products to enhance and protect IIS Web servers.

Related post: What Is IIS? How to Install It on Windows 10? [Jan 2020]

Ways to Prevent Inetpub Vulnerabilities

By using IIS, any Windows computer can serve web pages from the inetpub folder. However, this makes the computer vulnerable to attacks such as:

  • SSI Buffer overrun privilege elevation
  • Unicode .asp source code disclosure
  • Microsoft index server buffer overflow
  • File fragment disclosure
  • Web server file request parsing
  • Web server folder traversal
  • HTTP protocol stack vulnerability

But there are some methods that you can try to reduce the risk of being attacked:

  • Delete the iissamples subfolder.
  • Restrict access and NTFS permissions to files in the inetpub folder.
  • Move the website to another volume.
  • Uninstall all printers on the computer.
  • If the computer does not need to be a web server, close IIS.

Final Words

This post focuses on the inetpub folder, so after you have read this post, you should know what the inetpub folder is, how the folder work, and so on.

  • linkedin
  • reddit