SecureDirectoriesIIS

This is version 7. It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]

Create a test directory to secure, or select an existing directory. For the purposes of this demonstration, I created an "admin" directory under c:\Inetpub\wwwroot:

Create an index.html file in the admin directory with the following contents:

<html>
  <head>
    <title>Login Success</title>
  </head>
	
<body>
Congrats - you made it!
</body>

</html>

Now we need to configure IIS to protect the "admin" folder from just anyone.

• Open the IIS Admin Console (Start -> Programs -> Administrative Tools -> Internet Information Services)
• Navigate to COMPUTER_NAME -> Web Sites -> Default Web Site
• Right-click -> Properties for the "admin" folder
• Select the Directory Security tab and click the "Edit" button to change Anonymous access and authentication control
• Uncheck Anonymous access, check Basic authentication (selecting the default domain) and leave "Integrated Windows authentication" checked
• Stop and restart Default Web Site

Integrated Windows authentication will allow users to auto-login if they're using IE and logged into the domain. Basically, this setup will allow only domain users to view the "admin" folder.