There are many sources that say that the %SERVERROOT%/inetpub/ must never ever be deleted or moved. And yes, I can agree with this, as updates to IIS update that directory blindly -- they don’t actually query the system to see if the IIS inetpub directory is hosted elsewhere.
However, one can always leave that directory, and simply have web sites hosted elsewhere -- one can always set the HTTP root for any site to anywhere on the system, especially a location on another drive. This, in particular, makes directory traversal attacks much more difficult.
With that said, has anyone had success both moving the inetpub directory as well as leaving it where it is at the same time? To be specific, I am looking to physically move the entire inetpub directory to D:\, but then create a symlink from C:\inetpub\ to D:\inetpub. I would like to know if anyone else has done this, and if the symlink (a hard link, /J, to be specific) was successful or not.
The target system is IIS on Windows 8,1. The eventual target will be IIS on Win2K12R2, or the Win2k16 (if it drops before our servers get rebuilt).