Hi @May
Site Defacement is due to the permissions of the FrontPage server extension set incorrectly, you could try:
- Open the IIS management console.
- Select /_vti_auth/author.dll and /_vti_admin/admin.dll files in "_vti_bin" directory of the default web site.
- Select the "Properties" of these files.
- Select the "File Security" tab and Click the "Editor" button of anonymous access and authentication control.
- Remove the check mark on the "Allow anonymous access".
- Add new user using "Server Extensions Administrator" of the default web site.
The file service.cnf which contains the metadata for a FrontPage web site should be secured. Usually this can be accomplished at the folder level by removing read access on the path through the IIS administration tool, or by copying the content to a safe location outside of your web site's content folders and then removing the content from web site. The potential threat is the revelation of domain/user names, local file paths, and other metadata.
You can delete the file _vti_inf.html directly. This file contains the virtual paths to the FrontPage Server Extensions executables, and is used by any client that communicates with the FrontPage Server Extensions.
For more information, you could refer to:
https://learn.microsoft.com/en-us/iis/publish/frontpage-server-extensions/upgrade-issues-with-frontpage-server-extensions
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.