Make Internet Explorer 6 Safer- Configure the Security Settings

Recommendations for Internet Zone

The Internet zone is where sites not specifically placed elsewhere are placed. Thus, the settings for this zone control most of the sites that you will go to on the Internet. Please be aware that increased security has a cost and that the settings given here will cause some sites to stop working properly. In particular, ActiveX and scripting have been disabled. Sites using these technologies will be crippled. This keeps the bad guys out but may interfere with one of your favorite sites. If a site is safe and is one that you use frequently , place it in the Trusted site zone, where ActiveX and scripting are enabled. Instructions on how to do that are on this page.

There are quite a few settings and the particular recommendations given in the table below are but one of many possible combinations. The recommended settings can be modified to suit a PC user’s particular pattern of surfing. Thus, you may wish to experiment to find a combination best for your own purposes. For example, many pages use scripts and you may wish to allow that. Also, it is a common practice for pages to use META REFRESH for redirection. It is also used by bad sites to trap your browser. I have left it enabled but you may wish to disable it.

The recommended settings below may not suit everybody and may even be irritating to some. Therefore, do not undertake to change anything on your computer unless you know how to get back to where you started.

Settings for Internet security zone in Internet Explorer 6
(Red background indicates settings found only in Windows XP SP2)
Category Setting Default Recommended
.NET Framework-reliant components (Not present in all systems) Run components not signed with Authenticode Enable Disable
Run components signed with Authenticode Enable Enable
ActiveX Controls and Plug-ins Download signed
ActiveX controls
Prompt Disable
Download unsigned
ActiveX controls
Disable Disable
Initialize and script
ActiveX controls not marked as safe
Disable Disable
Run ActiveX
controls and plug-ins
Enable Disable
Script ActiveX controls
marked safe for scripting
Enable Disable
Automatic prompting for ActiveX controls Disable Disable
Binary and script behaviors Enable Disable
Downloads File download Enable Enable
Font download Enable Disable
Automatic prompting for file downloads Disable Disable
Microsoft VM (only older systems) Java permissions High safety High safety
Miscellaneous Access data sources across domains Disable Disable
Allow META REFRESH Enable Enable
Display mixed content Enable Disable
Don’t prompt for client certificate selection when no certificates or only one certificate exists Disable Disable
Drag and drop or copy and paste files Enable Disable
Installation of desktop items Prompt Disable
Launching programs and files in an IFRAME Prompt Disable
Navigate sub-frames across different domains Disable Disable
Software channel permissions Medium safety Maximum safety
Submit nonencrypted form data Enable Enable
Userdata persistence Enable Disable
Allow scripting of Internet Explorer Webbrowser control Disable Disable
Allow script-initiated windows without size or position constraints Disable Disable
Allow Web pages to use restricted protocols for active content Prompt Disable
Open files based on content, not file extension Enable Enable
Use Pop-up Blocker Enable Enable
Web sites in less privileged web content zone can navigate into this zone Enable Disable
Scripting Active scripting Enable Disable
Allow paste operations via script Enable Disable
Scripting of Java applets Enable Prompt
User Authentication Logon Automatic logon only in Intranet zone Automatic logon only in Intranet zone

The settings can always be returned to the default values by using the “Default Level” button shown in the figure below

ieseczonedefaulta

Leave a Reply

Your email address will not be published. Required fields are marked *