/* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */ /* Menu creation problem '1959-475', Bok=0, Snm=0, Omen=) */
Contact us
Let us put you in the driving seat of your new Web Site

Putting technology in ITs place:
Business and People first!

Click on link to rightWhy Business before Technology
Call us now
Maintain your own site
Click on link to rightSelf Maintenance Sites
[Home]   [Site Map]   [Privacy]   [Toggle Print]   [Contact]   [Bottom of Page]

Configuring Microsoft products for safety, security and privacy

Permitting 'trusted senders' to 'download' richer content - Web sites

Occasionally you will want or need to see a web site (OR AN E-MAIL - see How to trust an e-mail) as the sender intended you to view it - images, interactivity etc..

To view a Web Site with full graphics/interactivity "etc." and associated risks

By taking our advice you will have disabled certain MS features that are by far the biggest security holes for the consumer in the MS product line. The consequence of this change is that highly interactive sites that previously worked may not function correctly without intervention - they need to be "promoted".

95% of the sites that have problems can be made to function as intended by promoting them from the "Internet Zone" (level 2) to one higher - the "Local Intranet" (3) or even the "Trusted" (4) zone. There are caveats to doing so - see How to trust a web site for the full details of setting this up in the first place.

To promote a site from the (now restricted!) Internet Zone

THIS PAGE is intended to show how to simply add a site to an elevated zone in MSIE (N.B. Microsoft Internet Explorer - doesn't work in Firefox!)

When browsing - the simplest approach to elevate a site is to double click on the Zone indicator within Internet Explorer at the very bottom right of the browser window - see image to right:

You will see four Zone icons across the top of a window.

Simply click on the Local or Trusted Zone as appropriate - on the whole very, very few sites need to be in the Trusted zone because you should keep that for sites that you KNOW will need to take actions which are inherently risky - the classic one is Windows Update which makes fundamental changes to your PC every time it makes an update.

The Local (or LAN) Zone is for those sites that you trust not to harm your PC but don't need any serious control over your PC other than to do things like show you web-based material in interesting formats etc.

If you have chosen the latter then the next popup will NOT appear as it is only relevant for Local Area Network connections which includes Wireless (a.k.a. WiFi) networks.




Then Click on "Sites" which is a button which will only become clickable when you select a zone other than Internet Zone.



After clicking 'Sites' you will one of the next two popups that are shown below.

IF you have chosen "Local Intranet Zone" which is symbolised by a small picture of a Globe with a PC in front of it then you will see the popup to the right, if not then skip this part of the operation.

En-route to adding specific sites you will always be prompted for some generic inclusions - unless you know what you are doing you should disable all of these as anyone who (for instance) managed to encroach on your Wireless LAN could potentially trick you into running code from a dummy site which they could have running on a Laptop in a nearby Car Park for criminal intent.

If in doubt you should check that all of the prompts that start with the words "Include all" are DE-selected as illustrated and then click on "Advanced".

If you have chosen the "Trusted" zone you get straight to this popup.

You can then enter the Web Site address that you wish to be promoted (e.g. www.tony-blair.gov.uk) and then click on "Add". If there is a prompt "Require server verification (https:) for all sites in this zone" then de-select it - i.e. no tick in the box. The restriction of requiring 'https' makes the use of zones almost impossible while adding little additional security in real terms. That choice will be remembered.

Adding sites is straightforward and IE may offer the site for you to add without typing... on the whole be specific if the site is very large - e.g. microsoft.com then you might add these four:

  • windowsupdate.microsoft.com
  • update.microsoft.com
  • go.microsoft.com
  • microsoft.com/downloads

this would allow 3 subdomains and 1 folder (prefix to microsoft.com like the first 3 above and one suffix - the last example).

This would ensure that only those sites that are tightly managed to provide very specific facilities and content were allowed to take over your browser to the extent needed to update your PC.

An * at the front permits all subdomains, e.g. *.bbc.co.uk includes news.bbc.co.uk as well as www.bbc.co.uk.

If you then click on "OK" 2-3 times! you should find that the site will now have a changed symbol in the status bar at the bottom of MSIE which shows that the site is being treated as "Local Intranet" (or "Trusted") rather than "Internet". If it says 'Mixed' then see Notes¹.

Notes

  1. If it says 'Mixed' then you can be sure that the web developers have made life difficult because they have split their content across multiple servers for some reason. eBay is a classic example of this in that they use all sorts of odd names: *.ebayimg.com, *.ebaystatic.com are examples. However - eBay is NOT a site that I would suggest that you trust ANYWAY. Not that I have any malevolence towards them but they have a huge amount of content that is not actually within their control as anyone can sell items on eBay and submit their descriptions.

I hope that has been useful. Any Comments, suggestions or corrections to: Contact us please. This would be especially useful if the software environment you have is different to mine and the headings, text or prompts are different.


Like the site?

Site Construction by usiness
before Technology
Click on link to rightClick here
[Top of Page]   [Home]   [Site Map]   [Toggle Print]   [Privacy]   [Contact]

© Business before Technology - All Rights Reserved 2003

Business before Technology Limited, Company number: 4969011.
151 Chester Road, Norbury Moor, Hazel Grove, Cheshire SK7 6HD
*¹¹ Note that calls to 0844 884 2244*¹¹ will cost 7p per a minute, your telephone provider (including mobile providers) may add an additional access charge.
 
Messages:
23May15: Suppress Msg2U when cannot analyse/react to them 0 or 0 or 3.233.219.101 SoLL /home/sa4ssu/public_html/cgi-bin/LLsHere.3.233.219.101

News and Information

Your access to this site:


We will attempt to give you perfect access to this site but this may be impaired by the fact that as far as we can tell you are either:
  • Accessing the Internet from behind a FireWall (Personal or Company) which is disabling cookies OR
  • You have made a technical change to your browser in that you have disabled cookies - perhaps only for this site.

If this was unintentional and you can enable temporary (session) cookies there is a brief description at the bottom of the page. If you don't understand a word of this gobble-D-guk or you don't want to!: leave everything as-is and report any problems via the `LinkTSNo_Cookie_pagenoc1'>Technical feedback facility.

For the technical user

We attempt to set 2 temporary cookies at each interaction you have with this site. The names and typical values are:

NaviSessID=12345 and NaviLastID=erTh1J68SnkK0

The fact they are temporary means that when you close down your browser they will simply disappear. For the paranoic - they are not even written to the cookie folder.

The purpose of these two cookies is to allow you to navigate our site across what is a "connectionless" Internet with security and privacy appropriate to the content and usage of the site.

This notice will disappear from the end of the site Web pages when you have interacted with the site 3-4 times - more than once just in case you miss it at the end of the Home Page.

The only downside that we cannot avoid is caused by us putting the same information in the "Location" or "Address" area towards the top of your browser. You will notice that even though you visit pages more than once that your browser will not recognise them as "visited" because this address changes with each interaction.

Changing browser settings
  • NetScape: Edit->Preferences & select the Advanced Tab (not one of the sub-options). You only need to set cookies that are sent back to their own site but we would recommend that you do not select the 'prompt' option as this will cause an irritating pop-up at each interaction.

  • MicroSoft IE: click on Tools->Internet Options & select Security Tab.

    You could select Local Internet, then Advanced and then add our site address. This assumes that you have got cookies enabled for that zone.

    Another option would be change the "Custom level" for the zone that we are currently in - the Setting to be changed is called "Allow per-session cookies (not stored)" - select Enable then OK)

News and Information