Raible's Wiki

Raible Designs
Wiki Home
News
Recent Changes

AppFuse

Homepage
  - Korean
  - Chinese
  - Italian
  - Japanese

QuickStart Guide
  - Chinese
  - French
  - German
  - Italian
  - Korean
  - Portuguese
  - Spanish
  - Japanese

User Guide
  - Korean
  - Chinese

Tutorials
  - Chinese
  - German
  - Italian
  - Korean
  - Portuguese
  - Spanish

FAQ
  - Korean

Latest Downloads

Other Applications

Struts Resume
Security Example
Struts Menu

Set your name in
UserPreferences


Referenced by
Articles
Articles_cn
Articles_de
Articles_ko
Articles_pt
Articles_zh




JSPWiki v2.2.33

[RSS]


Hide Menu

SecureDirectoriesIIS


Difference between version 10 and version 9:

At line 1 added 1 line.
Here's a quick howto for securing certain directories on IIS. I'm doing this example and screenshots from Windows XP, but it should work the same on a Windows 2000 machine. First of all, I have c:\Inetpub\wwwroot as my Home Directory:
At line 3 added 30 lines.
[http://raibledesigns.com/repository/images/iis-homedir.png]
Create a test directory to secure, or select an existing directory. For the purposes of this demonstration, I created an "admin" directory under c:\Inetpub\wwwroot:
[http://raibledesigns.com/repository/images/iis-newadmindir.png]
Create an __index.html__ file in the admin directory with the following contents:
{{{
<html>
<head>
<title>Login Success</title>
</head>
<body>
Congrats - you made it!
</body>
</html>}}}
Now we need to configure IIS to protect the "admin" folder from just anyone.
* Open the IIS Admin Console (Start -&gt; Programs -&gt; Administrative Tools -&gt; Internet Information Services)
* Navigate to COMPUTER_NAME -&gt; Web Sites -&gt; Default Web Site
* Right-click -&gt; Properties for the "admin" folder
* Select the Directory Security tab and click the "Edit" button to change __Anonymous access and authentication control__
* Uncheck ''Anonymous access'', check ''Basic authentication'' (selecting the default domain) and leave ''Integrated Windows authentication'' checked
* Stop and restart Default Web Site
''Integrated Windows authentication'' will allow users to auto-login if they're using IE and logged into the domain. Basically, this setup will allow only domain users to view the "admin" folder.

Back to SecureDirectoriesIIS, or to the Page History.