Create a Host Named Site Collection and Set Anonymous

These steps create the HNSC and then explain setting anonymous access:

#Step 1, create the web application

$applicationPool = "HNSC01ApplicationPool"

$ServiceAcct = "BeaversOil\spprod_hnsc01"

$WebApp = "SharePoint - 1001 - HNSC"

$webAppURL = ""

$contentDB = "SPPROD_WSS_Content_HNSC01"

New-SPWebApplication -ApplicationPool $applicationPool -ApplicationPoolAccount $serviceAcct -Name $WebApp -URL $webAppURL -Port 1001 -databaseName $contentDB -securesocketslayer

#Step 2, create the top site

$primarySiteCollectionOwnerAcct = "BeaversOil\rBeaver"

$PrimarySCOwnerEmail = ""

$webApp0URL = ""

New-SPSITE -URL $webApp0URL -owneralias $primarySiteCollectionOwnerAcct -owneremail $PrimarySCOwnerEmail -Template STS#1

#Step 3, create a separate database for the first HNSC

$HNSC3DB = "SPDEV_WSS_Content_BeaversOil"

$webApp0URL = ""

New-SPContentDatabase $HNSC3DB –WebApplication $webApp0URL

#Step 4, create the first HNSC

$primarySiteCollectionOwnerAcct = "beaversoil\ssimpkins"

$PrimarySCOwnerEmail = ""

$HNSC3Name = "Test Site"

$HNSC3URL = ""

$HNSC3DB = " SPDEV_WSS_Content_BeaversOil "

$webApp0URL = ""

New-SPSite -url $HNSC3URL  -Name $HNSC3Name -hostheaderwebapplication $WebApp0URL -ownerAlias $PrimarySiteCollectionOwnerAcct -owneremail $PrimarySCOwnerEmail -contentDatabase $HNSC3DB  -Template STS#0


Step 5, Enable Anonymous access

Turn anonymous on under Authentication for the default zone assuming you followed the advice above.  If in a different zone then adjust accordingly.

Turn on the anonymous policy for deny write

At the site level, navigate to _layouts/user.aspx and enable anonymous for the entire web site.