How can I protect against inbound malicious website threats on port 80 and 443?

Question

We have a web app that lives on port 80 and 443 on a windows server with IIS.
Everything else is locked down. Physical Firewall with VPN.

What is the name given to attacks that come through the web ports like this?
Are these types of malicious software payloads able to execute on the server if you have no protection?
How can we protect from attacks through IIS on port 80 and 443 of the type below?

(Here we've used malwarebytes but I'd like something with central reporting for several servers if possible)

They look like the sort of malicious software you would be warned about if you clicked a bad link, but in this case they are inbound without you clicking on anything.

score 1 · Accepted Answer · answered Jan 06 '21 at 07:09

As far as I know, there are many ways to secure iis web server through configuration, for example:

1.Use end-to-end encryption

If you have reverse proxy and/or load balancer in front of your web servers, prefer to use SSL-bridging instead of SSL-offloading
Disable older SSL/TLS versions than TLS 1.2
Disable weak cypher suits
SSL/TLS and cypher suit settings are server-wide settings, and IIS supports whatever the OS supports. However, for .NET applications check the below article:

Transport Layer Security (TLS) best practices with the .NET Framework:

https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls

2.Configure "Request Filtering":

"Allow unlisted file name extensions": Uncheck (allow only the extensions you will use; add "." to allow extensionless requests)
"Allow unlisted verbs": Uncheck (allow only the verbs you will use)
Lower "request limits" if possible

Request Filtering

https://learn.microsoft.com/en-us/iis/configuration/system.webserver/security/requestfiltering/

3.Remove HTTP headers which identifies the server and application. These headers are believed to cause security vulnerability: