STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Microsoft IIS 10.0 Server Security Technical Implementation Guide

V-218818

CAT II (Medium)

The Internet Printing Protocol (IPP) must be disabled on the IIS 10.0 web server.

Rule ID

SV-218818r961470_rule

STIG

Microsoft IIS 10.0 Server Security Technical Implementation Guide

Version

V3R7

CCIs

CCI-001762

Discussion

The use of IPP on an IIS web server allows client access to shared printers. This privileged access could allow remote code execution by increasing the web servers attack surface. Additionally, since IPP does not support SSL, it is considered a risk and will not be deployed.

Check Content

If the Print Services role and the Internet Printing role are not installed, this check is Not Applicable.

Navigate to the following directory:

%windir%\web\printers

If this folder exists, this is a finding.

Determine whether Internet Printing is enabled:

Click “Start”, click “Administrative Tools”, and then click “Server Manager”.

Expand the roles node, right-click “Print Services”, and then select “Remove Roles Services”.

If the Internet Printing option is enabled, this is a finding.

Fix Text

Click “Start”, click “Administrative Tools”, and then click “Server Manager”.

Expand the roles node, right-click “Print Services”, and then select “Remove Roles Services”.

If the Internet Printing option is checked, clear the check box, click “Next”, and then click “Remove” to complete the wizard.