IIS Configuration via PowerShell: Disable Default Document

I’m able to query the default document list in IIS using the following PowerShell code:

Get-WebConfigurationProperty -Filter "//defaultDocument/files/add" -PSPath 'MACHINE/WEBROOT/APPHOST' -Name "value" | select value

…but I want to disable the default document feature altogether to address a vulnerability. I’ve not found much on disabling the feature via PowerShell but MS documentation says the following can be run to remove a value:

remove-webconfigurationproperty /system.webServer/defaultDocument -name files -atElement @{value="foo.html"}

Is this really the only way to disable the feature? I’ve not found anything that suggests it can simply be disabled like you can in the IIS administration console.


To remove features from IIS, you should the Dism cmdlets, in your case:

Disable-WindowsOptionalFeature -Online -FeatureName IIS-DefaultDocument

If you want to disable it inside of IIS for the whole server, you can use:

Set-WebConfigurationProperty -pspath 'MACHINE/WEBROOT/APPHOST'  -filter "system.webServer/defaultDocument" -name "enabled" -value "False"