This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 98%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
I was told my server was probably hacked via OWA vulnerability (server is patched by windows update but not with exchange upgrade versions.
Can I rename or remove the owa directory under IIS to block OWA
I want to keep active sync working.
You can disable the OWA app pool in IIS.
However, if the server is compromised that is not sufficient. You need to mitigate, apply the latest CUs and SUs and/or rebuild ASAP!
I've disabled MExcahageOWAAppPool and OWACalendarAppPool
I am thinking about rebuild, but it's complicated as exchange server is also the single DC. (Small office)
Ok, then I would consider building a new DC and Exchange Server and move mailboxes.
Seriously.