IIS web server

By default, the IIS web server is active under Windows and is used, for example, for the Beckhoff Device Manager and for the PLC HMI. In order to further secure the system and restrict access via the web server, you can:

disable the IIS web server
or restrict access from outside.

The decision as to which of the two options is the right one for you depends on your conditions of use. Please note that in the case of complete deactivation all applications that access the IIS web server are affected and will no longer work. With restricted access, only the Beckhoff Device Manager is no longer accessible. The local access to the Beckhoff Device Manager can still be used and all other applications are unaffected by a deactivation.

Deactivating the IIS web server:

Call the execute dialog with the shortcut [Windows key] + [R] and enter optionalfeatures.
The Windows Features window opens.
Disable the option under Internet Information Service.
The IIS web server is thus disabled. All applications that access the IIS web server are affected by this change.

Restricting access from outside:

1. In order to disable access from outside, call the execute dialog with the shortcut [Windows key] + [R] and enter compmgmt.msc.

2. On the left in the structure tree, select the entry Internet Information Services and under Connections the folder Sites.
IIS web server 2:

3. On the right under Actions, click Bindings. In the window Site Bindings, an asterisk (*) is displayed in the column IP Address for http and https.
IIS web server 3:

All accesses from outside are thus allowed.

4. Edit the entries for http or https and allow only local access with the entry 127.0.0.1.
IIS web server 4:

Access to the Beckhoff Device Manager from outside is restricted from now on. Local access is still possible with 127.0.0.1/config and all other applications are unaffected by a complete deactivation.