IE Enhanced Security Configuration is a default-enabled security setting for all Window Servers since Window Server 2003. Hence, all AWS Windows EC2 machines come with this setting enabled. If you are new, it is highly likely that you will come across below error message as soon as you open Internet Explorer for browsing the internet or for downloading any software.
The Internet Explorer Enhanced Security Configuration reduces the risk of any attack from Web-based content and application scripts by establishing a configuration for your server and Internet Explorer. This may prevent some Web sites from working properly and may cause other kinds of issues such as download errors and restricted access to network resources.
In this article, we will look at how to disable Enhanced Security for short duration and how can you safely re-enable it. Please note that as a best practice, server machines should not be used for browsing the internet and/or downloading random software, but if you are in a setup phase and need some authentic software setup to get started, you can continue to read along.
- This article assumes that you have successfully launched a Windows based EC2 instance
- It is assumed that you are logged-in as an administrator
- For the purpose of illustration, all screenshots are taken from a Windows Server 2019 machine. Other editions may have slight differences.
Step 1: Connect to your EC2 machine, using a RDP client. I prefer using default Remote Desktop Connection utility to connect.
Step 2: Once inside your EC2 machine, click on Windows Start button and search for “Server manager”
Step 3: Once Server Manager opens, click on “Local Server” under the Dashboard option in left-menu. Notice the IE Enhanced Security Configuration Setting option on right hand-side. By default, you will find that it is set to On.
Step 4: Click on On in front of IE Enhanced Security Configuration. A dialog box will open, with below settings:
As you can see the security configuration is enabled for both administrators and other types of users.
Step 5: To disable the security settings you may set the options in above dialog box to off for both Administrators and Users (be careful here, and only enable it as required for a fixed time duration). Once updated, click on OK.
Step 6: It may take a while for the settings to be applied and you would be able to see it in your server manager, as the previously On option would now change to Off.
Step 7: Now go back to the Internet Explorer (you may need to restart IE for settings to be applicable). Now the first page on opening IE would give you a warning as below:
Hope this was of help. It is recommended that you re-enable the security settings as soon as the server machine is set-up and running as expected. Let me know your thoughts in comments section below.