Commit 13acae9

Minor corrections
1 parent d0e0875 commit 13acae9

4 files changed

Lines changed: 13 additions & 15 deletions

learn-pr/advocates/configure-manage-website-application/includes/1-website-application-virtual-directory.md

Lines changed: 4 additions & 4 deletions
@@ -42,7 +42,7 @@ To add a new site in IIS manager:
4242
1. Leave Start Website immediately checked unless you want to configure the site before it begins serving requests.
4343
1. Select OK.
4444

45-
You can create a site with the `New-Website` cmdlet, which will be installed with the web server role management tools. For example, to create a site named Contoso with the path D:\contoso on port 80 that uses the fully qualified domain name www.contoso.com and has a new application pool named Contoso, run the command:
45+
You can create a site with the `New-Website` cmdlet, which will be installed with the web server role management tools. For example, to create a site named Contoso with the path `D:\contoso` on port 80 that uses the fully qualified domain name www.contoso.com and has a new application pool named Contoso, run the command:
4646

4747
```powershell
4848
New-Website -Name "Contoso" `
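
Review bot: Line 45 code-formats `D:\contoso` but leaves www.contoso.com as plain text in the same sentence, while this same commit code-formats `www.contoso.com` in 3-binding-host-header.md (line 33). Suggest wrapping the FQDN here too so literal values are formatted the same way across the module. Since the line is being touched anyway, "which will be installed with" would read better as "which is installed with".
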
@@ -62,14 +62,14 @@ Get-Website -Name "Contoso"
6262

6363
When creating a website, configure the directory that hosts the content directory and ensure appropriate NTFS permissions are set. Remember that NTFS permissions are often inherited. Best practice is to use a separate volume for website content rather than storing it on the system volume. Using a separate volume for the website allows you to separate the content from operating system files, it also makes it simpler to back up and restore. You might repartition free space on your existing volume to implement this configuration.
6464

65-
The worker process runs under the application pool identity. For example, a pool named Contoso runs as IIS AppPool\Contoso. Application pool identities are:
65+
The worker process runs under the application pool identity. For example, a pool named Contoso runs as `IIS AppPool\Contoso`. Application pool identities are:
6666

6767
- Local only
6868
- Noninteractive
6969
- Automatically managed
7070
- Not usable for logon
7171

72-
You should grant the application pool identity Read and Execute access to the content folder:
72+
You should grant the application pool identity `Read and Execute` access to the content folder:
7373

7474
```powershell
7575
$acl = Get-Acl "D:\contoso"
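
Review bot: On line 72, the backticks around `Read and Execute` present the permission's display name as if it were a literal value. If the intent is the permission name as shown in the UI, bold or plain text fits better; if it is meant to match what the PowerShell sample below passes, it should be spelled exactly as in that sample. The unchanged line 63 also still has a comma splice ("...from operating system files, it also makes it simpler...") and the doubled phrase "the directory that hosts the content directory", both of which fit a minor-corrections commit.
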
@@ -86,7 +86,7 @@ Granting permissions directly to that identity ensures:
8686
- Other application pools on the same server can't read or execute the content
8787
- You avoid using broad identities like Everyone, Users, or IIS_IUSRS
8888

89-
Granting Read and Execute adheres to the principle of least privilege as IIS only needs read access to serve static content and load assemblies, and execute is require for binaries such as ASP.NET and native modules. You shouldn't assign the Write privilege as this will limit attacks such as:
89+
Granting `Read and Execute` adheres to the principle of least privilege as IIS only needs read access to serve static content and load assemblies, and execute is require for binaries such as ASP.NET and native modules. You shouldn't assign the Write privilege as this will limit attacks such as:
9090

9191
- Web shell uploads
9292
- Defacement attacks
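
Review bot: Line 89 is rewritten but keeps the typo "execute is require for" (should be "required") and the ambiguous "You shouldn't assign the Write privilege as this will limit attacks such as", where "this" reads as if assigning Write is what limits the attacks. Suggest something like "Don't grant Write; withholding it limits attacks such as:". Write is also left unformatted while `Read and Execute` is now in backticks on the same line, so pick one treatment for permission names.
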

learn-pr/advocates/configure-manage-website-application/includes/2-application-pool-worker-process.md

Lines changed: 3 additions & 3 deletions
@@ -121,9 +121,9 @@ To configure a custom identity in IIS Manager, perform the following steps:
121121
1. Select the application pool, then select Advanced Settings in the Actions pane.
122122
1. Under Process Model, select the Identity field, then select the ellipsis (...) button.
123123
1. In the Application Pool Identity dialog, select Custom account and select Set.
124-
1. Enter the domain account credentials (for example, CONTOSO\svc-webapp), then select OK.
124+
1. Enter the domain account credentials (for example, `CONTOSO\svc-webapp`), then select OK.
125125

126-
You use the `Set-ItemProperty` cmdlet to configure a Custom Identity with PowerShell. For example, to set the identity to contoso\svc-webapp, run the following command:
126+
You use the `Set-ItemProperty` cmdlet to configure a Custom Identity with PowerShell. For example, to set the identity to `CONTOSO\svc-webapp`, run the following command:
127127

128128
```powershell
129129
$poolName = "Contoso-AppPool"
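
Review bot: The sample that follows line 126 uses a pool named "Contoso-AppPool", while 1-website-application-virtual-directory.md in this same commit describes the pool as Contoso (`IIS AppPool\Contoso`). Worth confirming whether these are meant to be the same pool and aligning the name if so. The casing fix to `CONTOSO\svc-webapp` on lines 124 and 126 makes the two mentions consistent.
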
@@ -141,7 +141,7 @@ Set-ItemProperty "IIS:\AppPools\$poolName" processModel.identityType 3
141141
142142
## Managing application pool state
143143

144-
You can use the WebAppPool PowerShell cmdlets to manage application pool states.
144+
You can use the WebAppPool PowerShell cmdlets to manage application pool states.
145145

146146
```powershell
147147
Stop-WebAppPool -Name "Contoso-AppPool" # Stop

learn-pr/advocates/configure-manage-website-application/includes/3-binding-host-header.md

Lines changed: 5 additions & 7 deletions
@@ -4,9 +4,9 @@ IIS uses a combination of IP address, TCP port, and host name (host header) to r
44

55
When a request arrives at the server, IIS evaluates three binding components in order:
66

7-
1. IP address: Does this request target an IP address assigned to this site? An asterisk (\*) means any unassigned IP.
8-
1. Port: Does the request arrive on the port configured for this site?
9-
1. Host name (host header): Does the HTTP Host header value in the request match the host name configured for this binding?
7+
1. **IP address:** Does this request target an IP address assigned to this site? An asterisk (\*) means any unassigned IP.
8+
1. **Port:** Does the request arrive on the port configured for this site?
9+
1. **Host name (host header):** Does the HTTP Host header value in the request match the host name configured for this binding?
1010

1111
A binding is the combination of these three values. Each site must have at least one binding. Bindings must be unique across all sites, IIS can't start two sites that share the same IP, port, and host name.
1212

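
Review bot: Line 11, left unchanged just below the edited list, has a comma splice: "Bindings must be unique across all sites, IIS can't start two sites that share the same IP, port, and host name." Suggest a semicolon or two sentences, since this commit is already cleaning up the paragraph around it.
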
@@ -16,7 +16,7 @@ The table lists strategies for handing bindings:
1616
|---|---|---|
1717
| **Unique ports** | Each site listens on a different port (for example, 80, 8080, 8081) | Development and testing environments |
1818
| **Multiple IP addresses** | Each site is bound to a different IP on the server's NIC | Older hosting configurations |
19-
| **Host headers (recommended)** | All sites share IP and port; DNS differentiates them via the Host header | Production: www.site1.com and www.site2.com on port 80/443 |
19+
| **Host headers (recommended)** | All sites share IP and port; DNS differentiates them via the Host header | Production: `www.site1.com` and `www.site2.com` on port 80/443 |
2020

2121
> [!TIP]
2222
> Host headers are the standard approach in production because they don't require additional IP addresses or nonstandard ports. Ensure DNS A records are properly configured for each host name before starting sites.
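
Review bot: Line 19 says "DNS differentiates them via the Host header", but DNS only resolves each name to the shared IP address; it is IIS that selects the site by matching the Host header, as line 9 of this file describes. Suggest "IIS differentiates them via the Host header". The hunk header also shows "strategies for handing bindings", which should be "handling".
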
@@ -30,7 +30,7 @@ To add and edit site bindings in IIS Manager, perform the following steps:
3030
- Type: Select http or https.
3131
- IP address: Select All Unassigned or a specific IP.
3232
- Port: Enter 80 (for HTTP) or 443 (for HTTPS).
33-
- Host name: Enter the FQDN, for example www.contoso.com. Required when sharing a port with other sites.
33+
- Host name: Enter the FQDN, for example `www.contoso.com`. Required when sharing a port with other sites.
3434
- For HTTPS bindings: select the certificate from the drop-down.
3535
1. Select OK, then Close.
3636

@@ -87,8 +87,6 @@ New-WebBinding -Name "Contoso2" `
8787
-SslFlags 1
8888
```
8989

90-
Here's a drop-in section you can use to address HTTP Strict Transport Security (HSTS), along with guidance on where to place it in the existing document:
91-
9290
## Enforcing HTTPS with HTTP Strict Transport Security (HSTS)
9391

9492
To further enhance the security of HTTPS-enabled websites, IIS 10 on Windows Server 2019 and later supports native configuration of HTTP Strict Transport Security (HSTS). HSTS instructs browsers to always use HTTPS when connecting to your site, even if a user attempts to access it via HTTP. This helps prevent protocol downgrade attacks and ensures encrypted communication for all future requests.
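
Review bot: The sentence removed at line 90 ("Here's a drop-in section you can use...") reads as leftover drafting-tool output, so the HSTS section that follows deserves a second read for similar residue and for whether it sits in the right place in this file. In the paragraph kept at line 92, "instructs browsers to always use HTTPS ... even if a user attempts to access it via HTTP" should be qualified: a browser only honors the HSTS header when it arrives over HTTPS, so the policy applies after the first successful HTTPS response. "For all future requests" hints at this, but stating it outright avoids overstating the downgrade protection.
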

learn-pr/advocates/configure-manage-website-application/includes/4-advanced-site-configuration.md

Lines changed: 1 addition & 1 deletion
@@ -2,7 +2,7 @@ Beyond basic site creation and bindings, IIS provides a rich set of per-site and
22

33
## Custom Error Pages
44

5-
By default, IIS returns a generic HTTP error page when a client encounters a 4xx or 5xx status code. Customizing error pages improves the user experience and prevents accidental disclosure of internal diagnostic details.
5+
By default, IIS returns a generic HTTP error page when a client encounters a `4xx` or `5xx` status code. Customizing error pages improves the user experience and prevents accidental disclosure of internal diagnostic details.
66

77
IIS supports two types of error responses:
88

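
Review bot: The heading "## Custom Error Pages" on line 3 is title case, while the other headings visible in this commit ("## Managing application pool state", "## Enforcing HTTPS with HTTP Strict Transport Security (HSTS)") use sentence case. Suggest "## Custom error pages". On line 5, `4xx` and `5xx` are status-code classes rather than literal values, so code formatting is optional; whichever form is chosen should be applied throughout the file.
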