Hi,
I am currently working on PowerShell cmdlets to apply server hardening (more specifically IIS hardening) based on the CIS benchmark framework.
My task is to relate the hardening steps, which are in GUI form, to PowerShell commands to be able to automate the hardening processes.
I need some help on this portion:
"Ensure ‘passwordFormat’ is not set to clear (Scored)"
Description:
The element of the element allows optional definitions of name and password for IIS Manager User accounts within the configuration file. Forms based authentication also uses these elements to define the users. IIS Manager Users can use the administration interface to connect to sites and applications in which they’ve been granted authorization. Note that the element only applies when the default provider, ConfigurationAuthenticationProvider, is configured as the authentication provider. It is recommended that passwordFormat be set to a value other than Clear, such as SHA1.
Rationale:
Authentication credentials should always be protected to reduce the risk of stolen authentication credentials.
With all the information provided above, I tried to do up an automated script.
Thus, I had some difficulties locating the machine.config file via PowerShell to configure the passwordFormat from clear to sha1.
I would really appreciate it if those who have managed to do this before could share some ideas.
Thank you @Ratty
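
An added example, not part of the original post: one way to locate every machine.config from PowerShell and report whether passwordFormat is set to Clear, with an optional fix that takes a backup first. It assumes the .NET Framework config files sit under %windir%\Microsoft.NET and that the setting is the passwordFormat attribute of system.web/authentication/forms/credentials; the function name Get-PasswordFormatFinding is hypothetical, and -Remediate needs an elevated session.

```powershell
# Added example: audit (and optionally fix) passwordFormat in .NET config files.
# Get-PasswordFormatFinding is a hypothetical helper name, not a built-in cmdlet.
function Get-PasswordFormatFinding {
    param(
        [Parameter(Mandatory)][string]$Path,  # full path to a machine.config or web.config
        [switch]$Remediate                    # change Clear to SHA1 after taking a backup
    )

    $xml = New-Object System.Xml.XmlDocument
    $xml.PreserveWhitespace = $true           # keep the file layout intact if it is saved
    $xml.Load($Path)

    # Assumed location of the setting: <credentials> under forms authentication.
    $node = $xml.SelectSingleNode('/configuration/system.web/authentication/forms/credentials')

    # Element or attribute absent means the framework default applies, not Clear.
    $format = if ($node -and $node.HasAttribute('passwordFormat')) {
        $node.GetAttribute('passwordFormat')
    } else {
        '(not set)'
    }
    $compliant = $format -ne 'Clear'          # -ne compares case-insensitively

    if (-not $compliant -and $Remediate) {
        Copy-Item -LiteralPath $Path -Destination "$Path.bak" -Force   # backup first
        $node.SetAttribute('passwordFormat', 'SHA1')
        $xml.Save($Path)
        $format = 'SHA1'
        $compliant = $true
    }

    [pscustomobject]@{ Path = $Path; PasswordFormat = $format; Compliant = $compliant }
}

# One machine.config exists per installed framework version and bitness.
$roots = 'Framework', 'Framework64' |
    ForEach-Object { Join-Path $env:windir "Microsoft.NET\$_" }

Get-ChildItem -Path $roots -Filter machine.config -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object { Get-PasswordFormatFinding -Path $_.FullName }
```

The same function can be pointed at a site's web.config, since the credentials element can also be defined there.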