When you install IIS, it automatically sets up a "Default
Web Site" on port 80 of the primary IP address of your
server. If you take a look at this web site's properties in
the IIS management console, you'll see it has all sorts of
unneeded stuff in it. My Windows 2000 Server has IISHelp,
IISAdmin, IISSamples, MSADC, Printers, and so on. On top of
that, a lot of components take the liberty of setting up their
samples and documentation in the "Default Web Site"
So how do you keep these files, settings, and the potential
security problems they bring with them away from your web site?
Don't use the "Default Web Site". Change the settings
on it to not allow any users and move it to an unused port.
Then set up a new web site on port 80 and configure it the
way you want. That way you'll have a brand new and clean space
in which to build your site.