Webdeploy is very convenient from Visual Studio 2010. Today I am using it to publish my project via a remote deploy agent (http://x.x.x.x/MsDeployAgentService) to a production web server facing Internet.
Although administrator password is required, is it a good practice to leave http://x.x.x.x/MsDeployAgentService accessible to everyone or should I care more about the security of this subpath so that it cannot be accessed from Internet?
If I need to allow deployment only from certain internal URLs, how do I secure the deployment agent service?