Internet Options in Windows

Before you start

Objectives: Learn where to configure settings for Internet Explorer and how are security settings organized in Internet Options.

Prerequisites: no prerequisites.

Key terms: security, internet, sites, zone, options, configure, cookies, mode, settings, site, default


General Options

Internet Options can be used to specify a home page or multiple home pages, delete temporary Internet files, cookies, browsing history, form data, passwords, etc. Also, we can configure our default search provider, configure text and background colors, language preferences, etc. All this settings are managed in General tab in Internet Options.

Security Zones

Internet Explorer (IE) contains different levels of security which can be configured for different types of websites. We can separate different types of websites by using Security Zones feature. IE will apply different security settings on different websites depending on which security zone the website belongs to. Security zones are managed on the Security tab in Internet Options. Available Security Zones in IE are:

  • Local Intranet – this zone will contain sites which resides on computer on our private intranet. This zone is populated automatically. We can also manually add sites to this zone.
  • Trusted Sites – this zone will contain sites with fewer security restrictions. We add sites to this zone manually and we should be careful when we do that, since they will be able to run scripts and other components with less security applied. We should only add sites that we trust to this zone. All sites in this zone should start with “https://”, which means that they use SSL to secure connection to those sites.
  • Restricted Sites – this zone will contains dangerous or malicious web sites. Sites in this zone have more security restrictions applied than other sites.
  • Internet – this zone will contain all sites that are not included in any other security zone.

Security Levels

For each zone we can adjust levels of security. Three default security levels are: medium, medium-high, and high. We can use the Custom Level button to change the security level of any zone. We can also configure the details of any security level. For example, we can configure restrictions of ActiveX, scripting, user authentication behaviour, .NET programs, allowed file downloads, submitting form data, etc.

The default security level for Local Intranet zone is medium-low, and Protected Mode is not enabled. The default level for Trusted Sites zone is medium, and by default Protected Mode is not enabled. Default security level for Restricted Sites zone is high, and Protected Mode is enabled. Security level for Internet zone is medium-high and Protected Mode is enabled, by default.

Protected Mode

Newer version of Internet Explorer has a new feature called Protected Mode. This feature forces to run IE as a low integrity process. By running in low integrity mode, IE will not be able to interact with other programs or processes that are running in a higher integrity mode. By doing this, any malicious code that is contained in IE is blocked from making damage to other Windows components. We can run site in protected mode in one tab, and another site in another tab which is not in protected mode. By default, protected mode is enabled for the sites in the Internet and Restricted Sites zones.

Cookies

We can control privacy settings trough Cookies. A Cookie is a file that contains information and those files can be accessed from websites on the Internet. Cookies can have things like our user name or password or other information that can be used while we browse particular site. Cookies allow websites to use existing information for future sessions. We can turn off Cookies which means that we will not accept any cookies from any site. This can also prevent us to from being able to access different websites. Another issue that comes up with Cookies is that we can get cookies which are known as first party cookies (those come from the site we’re visiting) and third party cookies (from the site we are not visiting, for example banner ad). We can control the use of cookies in Privacy tab in Internet Options. In this tab we can also configure Pop-up Blocker settings and InPrivate mode settings.

SSL Certificates

In IE we can also manage certificates for different web sites. SSL certificates have two functions when used with web sites. They can be used to identify the web site, and to secure the connection to the web site by using encryption. If the web site we visit has some problem with the certificate, we will see a warning and the navigation to that website will be blocked automatically.

Certificate problems will appear when the site name and certificate do not match. Also, issues will arise if the certificate is expired or revoked. Also, certificate can also be issued by an untrusted Root Certificate Authority, and this will be a problem too. If we encounter a web site which has some kind of certificate error, we should be very careful providing sensitive information to that web site.

Other Options

Other options are available in other tabs in Internet Options. In Content tab we can filter websites based on content and ratings. Here we can also manage certificates, AutoComplete settings and feeds.

On the Connections tab we can identify a specific connection as the Internet connection, configure proxy and specify LAN settings. We can also configure dial-up and VPN connections.

On the Programs tab we can configure IE as the default browser, manage browser addons, specify HTML editor, configure default e-mail client, etc.

On the Advanced tab we can configure multimedia, search, printing, FTP, international and some other settings.

Example Configuration

Configuration of Internet Options is slightly different in every version of Windows. We have separate articles in which we demonstrate Internet Options configuration in different versions of Windows: