Installing the Micetro Web Application on Windows - Micetro

On Windows, the Micetro Web Application requires Microsoft Internet Information Services (IIS) to be installed. The installer will verify the presence of all required components.

To install the Micetro Web Application, double-click on the Microsoft installer file and follow the instructions on the screen.

Warning: If the Web Application is installed on a different server than Micetro Central, you need to configure the Web app server host to the hostname of the web server. This setting can be adjusted in thesystem settings on the Admin page. Check System Settings > Advanced to make sure that the auto-update feature for the Web Application works correctly.

The Micetro Web Application installer configures the web server with HTTP support only to provide a functional foundation. It is the responsibility of the system administrator to configure HTTPS/TLS and ensure that the server follows the most current security best practices.

Web server best practices

To maintain a secure and reliable environment, it's strongly recommended to adhere to established best practices, including:

HTTPS/TLS only: Enforce HTTPS by redirecting all HTTP traffic. Disable obsolete protocols, e.g., SSLv2, SSLv3, TLS < v1.2, and weak cipher suites.
Principle of least privilege: Run services under dedicated, non-administrative accounts. Disable or remove unused modules and features.
Stay current: Apply the latest stable security patches to the operating system, web server, and all supporting components.
Server hardening: Minimize information disclosure, enforce strict file and directory permissions, and configure appropriate security headers, e.g., CSP, HSTS, X-Content-Type-Options.
Logging and monitoring: Enable detailed access and error logs, and integrate with centralized monitoring or SIEM solutions.
Access control: Where possible, restrict access using allow-listing or deny-listing to minimize the exposed service surface. Additionally, make use of built-in security modules, e.g., IIS Dynamic IP Restrictions or Apache mod_evasive or mod_security, to throttle or temporarily block abusive clients or subnets. This helps protect against brute force attempts and reduces the impact of denial-of-service style traffic.

Note: These best practices are provided for informational purposes only. They are not exhaustive and do not replace a formal security assessment, compliance review, or organization-specific security policies. Each environment is unique and additional hardening measures may be required.

Always consult official vendor documentation and applicable regulatory standards for information on security measures. For more information about web server security, refer the following:

IIS Crypto Tool, for assistance with IIS HTTPS setup
Mozilla SSL Configuration Generator, which generates secure configurations for different web servers
OWASP Secure Headers Project, which provides technical information about HTTP security headers
SSL Server Test, which provides a free SSL test for your public web servers
Mozilla HTTP Security Headers Test, which assesses a site's HTTP headers and other security configurations

For recommendations on how to secure your Micetro Web Application, refer to Securing the Web Application.

Installing the Micetro Web Application on Windows - Micetro - 25.2.0

Micetro Installation Guide

Web server best practices