Windows Server 2016 – Disable Internet Explorer Enhanced Security Configuration

Send Us a Sign! (Contact Us!)

In most Windows Server systems, Enhanced Security Configuration (IE ESC) is designed to protect a server from dangerous websites capable to infect system with malware. When this mode is enabled (it is by default) you will need to add each website you want to see to the Trusted Sites Zone to open all its content in IE.

As even previous Windows Server editions, Enhanced Security Configuration is enabled by default in Internet Explorer on Windows Server 2016.

Usually this security restriction could be useful in production, but in some cases, especially when you are preparing this system and you will need for a brief period of time unrestricted access to Internet (by always protected by one or multiple firewalls and IDS on the corporate network, you might want to allow Internet Explorer open all websites including all third-party content without adding them as trusted ones.

The following procedure will show you how to disable Internet Explorer Enhanced Security Configuration in Windows Server 2016.

When Internet Explorer Enhanced Security Configuration is enabled you see this start page when you launch IE:

res://iesetup.dll/HardAdmin.htm

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

In this mode, when you will try to open a website, you will see a pop-up window telling you Content from the website listed below is being blocked by the IE ESC:

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

When this popup will show you will need to either click Add to add the website to the Trusted sites zone or click Close to open in a restricted mode.

If the web page will be opened in restricted mode part of the content (such as JavaScript or web fonts) will be unavailable. Consequently, the majority of websites will lose a part of their functionality.

Now, to disable this mode on Windows Server 2016, we will need to click the Start button and launch Server Manager:

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

On the left side of Server Manager, click on Local Server, then, in the main part of the window, find the text IE Enhanced Security Configuration and click on the text link On:

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

At this point you can choose to turn off IE ESC for Administrators and/or for Users and click OK:

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

Now we will need to restart Internet Explorer. Now when you launch IE you will see soft configuration page telling you Internet Explorer Enhanced Security Configuration is not enabled:

res://iesetup.dll/SoftAdmin.htm

Windows Server 2016 - Disable Internet Explorer Enhanced Security Configuration

From now on you will be able tovisit any websites without adding them to Trusted sites zone.