Hello,

Could you please give step-by-step recommendations for outpost rules on IIS6 (Win2003) web server?
What should be opened/closed?

Thank you!
Best wishes,
Sergey

Welcome to the forums, Sergey,

If you are serving only non-encrypted pages, then a rule consisting of:

Protocol TCP, Inbound, Local Port 80, Allow

should be added to your rules for IIS. Note that you do need to specify a local port, not a remote one (you will need to scroll down the Event section to see this option). If you have encrypted (https) pages as well, then add

Protocol TCP, Inbound, Local Port 443, Allow

Please note however that Outpost is designed for personal use rather than for servers (especially mission-critical ones). You may therefore find this thread (http://www.outpostfirewall.com/forum/showthread.php?s=&threadid=8052) useful for alternative suggestions.