How To Configure Security on Internet Explorer

Manage your settings with a simple process

Digital encrypted Lock with data multilayers. Internet Security

Andriy Onufriyenko/Getty Images

By
Tony Bradley, CISSP-ISSAP
Updated June 05, 2019

Internet Explorer (IE) offers four zones to help you set security depending on how well you know or trust the site. Configuring your IE security settings for each zone can help you safely browse the internet without fear of malicious code.

Instructions in this article apply to Microsoft Internet Explorer for PCs.

How to Manage Security on IE

Follow these instructions to create the level of security you want on IE.

  1. At the top of IE, on the menu bar, select Tools > Internet Options.

    Internet options in Internet Explorer

  2. In the Internet Options dialog box, go to the Security tab.

    Security tab and security zones in Internet Explorer

  3. IE categorizes sites into the zones: Internet, Local intranet, Trusted sites, and Restricted sites. Select the zone you want to configure. Use the security level bar to raise or lower the security for that zone. Repeat for each zone. See below for details on each setting.

    Medium is appropriate for most internet browsing. This setting includes safeguards against malicious code but allows you to view most websites.

  4. Select Apply.

  5. Select OK.

  6. To fine-tune your settings, select Custom level and make adjustments in the Security Settings - Internet Zone dialog box.

    Security Settings - Internet Zone in Internet Explorer

  7. When done, select OK.

IE Security Setting Descriptions

Use the following guide to decide which security settings you want in IE.

High

  • The safest way to browse, but also the least functional.
  • Less secure features are disabled.
  • Appropriate for sites that might have harmful content.

Medium

  • Safe browsing and still functional.
  • Prompts before downloading potentially unsafe content.
  • Unsigned ActiveX controls aren't downloaded
  • Appropriate for most internet sites.

Medium-Low

  • Same as Medium but without prompts.
  • Most content runs without prompts.
  • Unsigned ActiveX controls aren't downloaded.
  • Appropriate for sites on a local network (intranet).

Low

  • Minimal safeguards and warning prompts are provided.
  • Most content is downloadable and runs without prompts.
  • All active content can run.
  • Appropriate for sites that you absolutely trust.