Recommendations for Internet Zone
The Internet zone is where sites not specifically placed elsewhere are placed. Thus, the settings for this zone control most of the sites that you will go to on the Internet. Please be aware that increased security has a cost and that the settings given here will cause some sites to stop working properly. In particular, ActiveX and scripting have been disabled. Sites using these technologies will be crippled. This keeps the bad guys out but may interfere with one of your favorite sites. If a site is safe and is one that you use frequently , place it in the Trusted site zone, where ActiveX and scripting are enabled. Instructions on how to do that are on this page.
There are quite a few settings and the particular recommendations given in the table below are but one of many possible combinations. The recommended settings can be modified to suit a PC user’s particular pattern of surfing. Thus, you may wish to experiment to find a combination best for your own purposes. For example, many pages use scripts and you may wish to allow that. Also, it is a common practice for pages to use META REFRESH for redirection. It is also used by bad sites to trap your browser. I have left it enabled but you may wish to disable it.
The recommended settings below may not suit everybody and may even be irritating to some. Therefore, do not undertake to change anything on your computer unless you know how to get back to where you started.
Category | Setting | Default | Recommended |
---|---|---|---|
.NET Framework-reliant components (Not present in all systems) | Run components not signed with Authenticode | Enable | Disable |
Run components signed with Authenticode | Enable | Enable | |
ActiveX Controls and Plug-ins | Download signed ActiveX controls |
Prompt | Disable |
Download unsigned ActiveX controls |
Disable | Disable | |
Initialize and script ActiveX controls not marked as safe |
Disable | Disable | |
Run ActiveX controls and plug-ins |
Enable | Disable | |
Script ActiveX controls marked safe for scripting |
Enable | Disable | |
Automatic prompting for ActiveX controls | Disable | Disable | |
Binary and script behaviors | Enable | Disable | |
Downloads | File download | Enable | Enable |
Font download | Enable | Disable | |
Automatic prompting for file downloads | Disable | Disable | |
Microsoft VM (only older systems) | Java permissions | High safety | High safety |
Miscellaneous | Access data sources across domains | Disable | Disable |
Allow META REFRESH | Enable | Enable | |
Display mixed content | Enable | Disable | |
Don’t prompt for client certificate selection when no certificates or only one certificate exists | Disable | Disable | |
Drag and drop or copy and paste files | Enable | Disable | |
Installation of desktop items | Prompt | Disable | |
Launching programs and files in an IFRAME | Prompt | Disable | |
Navigate sub-frames across different domains | Disable | Disable | |
Software channel permissions | Medium safety | Maximum safety | |
Submit nonencrypted form data | Enable | Enable | |
Userdata persistence | Enable | Disable | |
Allow scripting of Internet Explorer Webbrowser control | Disable | Disable | |
Allow script-initiated windows without size or position constraints | Disable | Disable | |
Allow Web pages to use restricted protocols for active content | Prompt | Disable | |
Open files based on content, not file extension | Enable | Enable | |
Use Pop-up Blocker | Enable | Enable | |
Web sites in less privileged web content zone can navigate into this zone | Enable | Disable | |
Scripting | Active scripting | Enable | Disable |
Allow paste operations via script | Enable | Disable | |
Scripting of Java applets | Enable | Prompt | |
User Authentication | Logon | Automatic logon only in Intranet zone | Automatic logon only in Intranet zone |
The settings can always be returned to the default values by using the “Default Level” button shown in the figure below