Is it possible to tell IIS to either ignore any child web.config files below a certain directory or lock all web.config configuration items so nothing can be changed in a child directory by a child web.config? I know I can do this on individual elements by using the lockItem attribute such as the example below, but that requires me to individually identify every possible section that could be modified, and lock them. This also has problems when using different servers as the file content will need to vary based on which IIS features were installed. I was hoping for a solution that could lock *everything* in one swoop.
<configuration>
<system.webServer>
<handlers accessPolicy="Read,NoRemoteExecute,NoRemoteScript,NoRemoteWrite" lockItem="true">
<clear />
<add name="StaticFile" path="*" verb="GET,HEAD" modules="StaticFileModule" resourceType="File" requireAccess="Read" preCondition="integratedMode" />
</handlers>
</system.webServer>
</configuration>