Our webserver seemed to be comprised and we noticed alot of junk files (coachoutlet.html / EXE files..scripts.) being loaded on web server files. We have a firewall and anti virus and some how it still went through. We closed all of our FTP port and locked down our server. It seems the junk files are still uploaded to the server or web root through http browser. Is there a way in IIS 7 I can put a security or a lock on file types or deny any suspicous files to come through?
Please advise on any other security measures I should take..
Thank You