![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 52%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPT%3C/text%3E%3C/svg%3E)
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,188 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 92%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYL%3C/text%3E%3C/svg%3E)
Hello,
Thank you for posting in Q&A forum.
The "iisstart.aspx" file is usually a default placeholder page used by Internet Information Services (IIS) Microsoft. Its main purpose is to verify that IIS is installed and running correctly. In theory, it does not pose any threat to your system.
However, if you suspect that your system may have been attacked by a webshell, you should take the following steps to confirm and take action:
- Check file integrity and content:
Verify the content of "iisstart.aspx". Compare it to a known good version from a clean installation of Exchange 2016 or IIS to ensure that it has not been tampered with.
- Scan for viruses and malware:
Scan this file and the entire system with up-to-date antivirus software to detect any potential malware or webshells.
- Check log files:
Review IIS logs, system event logs, and application logs for any unusual activity or logon attempts.
- Check file properties:
Review file properties (e.g., creation date, modification date) to see if they are consistent with other system files or if they look suspicious.
- Updates and Patches:
Make sure your Exchange 2016 and IIS installations are up to date with the latest security patches.
I hope the information above is helpful.
Best Regards,
Yanhong Liu
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
