Before you start
Objectives: Learn where to configure settings for Internet Explorer and how are security settings organized in Internet Options.
Prerequisites: no prerequisites.
Key terms: security, internet, sites, zone, options, configure, cookies, mode, settings, site, default
Internet Options can be used to specify a home page or multiple home pages, delete temporary Internet files, cookies, browsing history, form data, passwords, etc. Also, we can configure our default search provider, configure text and background colors, language preferences, etc. All this settings are managed in General tab in Internet Options.
Internet Explorer (IE) contains different levels of security which can be configured for different types of websites. We can separate different types of websites by using Security Zones feature. IE will apply different security settings on different websites depending on which security zone the website belongs to. Security zones are managed on the Security tab in Internet Options. Available Security Zones in IE are:
- Local Intranet – this zone will contain sites which resides on computer on our private intranet. This zone is populated automatically. We can also manually add sites to this zone.
- Trusted Sites – this zone will contain sites with fewer security restrictions. We add sites to this zone manually and we should be careful when we do that, since they will be able to run scripts and other components with less security applied. We should only add sites that we trust to this zone. All sites in this zone should start with “https://”, which means that they use SSL to secure connection to those sites.
- Restricted Sites – this zone will contains dangerous or malicious web sites. Sites in this zone have more security restrictions applied than other sites.
- Internet – this zone will contain all sites that are not included in any other security zone.
For each zone we can adjust levels of security. Three default security levels are: medium, medium-high, and high. We can use the Custom Level button to change the security level of any zone. We can also configure the details of any security level. For example, we can configure restrictions of ActiveX, scripting, user authentication behaviour, .NET programs, allowed file downloads, submitting form data, etc.
The default security level for Local Intranet zone is medium-low, and Protected Mode is not enabled. The default level for Trusted Sites zone is medium, and by default Protected Mode is not enabled. Default security level for Restricted Sites zone is high, and Protected Mode is enabled. Security level for Internet zone is medium-high and Protected Mode is enabled, by default.
Newer version of Internet Explorer has a new feature called Protected Mode. This feature forces to run IE as a low integrity process. By running in low integrity mode, IE will not be able to interact with other programs or processes that are running in a higher integrity mode. By doing this, any malicious code that is contained in IE is blocked from making damage to other Windows components. We can run site in protected mode in one tab, and another site in another tab which is not in protected mode. By default, protected mode is enabled for the sites in the Internet and Restricted Sites zones.
In IE we can also manage certificates for different web sites. SSL certificates have two functions when used with web sites. They can be used to identify the web site, and to secure the connection to the web site by using encryption. If the web site we visit has some problem with the certificate, we will see a warning and the navigation to that website will be blocked automatically.
Certificate problems will appear when the site name and certificate do not match. Also, issues will arise if the certificate is expired or revoked. Also, certificate can also be issued by an untrusted Root Certificate Authority, and this will be a problem too. If we encounter a web site which has some kind of certificate error, we should be very careful providing sensitive information to that web site.
Other options are available in other tabs in Internet Options. In Content tab we can filter websites based on content and ratings. Here we can also manage certificates, AutoComplete settings and feeds.
On the Connections tab we can identify a specific connection as the Internet connection, configure proxy and specify LAN settings. We can also configure dial-up and VPN connections.
On the Programs tab we can configure IE as the default browser, manage browser addons, specify HTML editor, configure default e-mail client, etc.
On the Advanced tab we can configure multimedia, search, printing, FTP, international and some other settings.
Configuration of Internet Options is slightly different in every version of Windows. We have separate articles in which we demonstrate Internet Options configuration in different versions of Windows: