renis
asked on
Hosting with IIS
Hello everybody!
I'm trying to setup a windows 2000 server, IIS 5, for hosting. The problem is: How can i secure my customers pages. With a simple ASP script, using FileSystemObject, any customer can read what ever he want in the HDD. So he can read also ASP source of other customers.
For the other part of HDD i'm thinking to remove everyone access at NTFS and put only Administrators and SYSTEM. But what to do with users folder. They of course need INETUSR read. So they can read each other script sources.
Exist any solution for this?
Thank You!
I'm trying to setup a windows 2000 server, IIS 5, for hosting. The problem is: How can i secure my customers pages. With a simple ASP script, using FileSystemObject, any customer can read what ever he want in the HDD. So he can read also ASP source of other customers.
For the other part of HDD i'm thinking to remove everyone access at NTFS and put only Administrators and SYSTEM. But what to do with users folder. They of course need INETUSR read. So they can read each other script sources.
Exist any solution for this?
Thank You!
ASKER
But my customers need that.
Now i'm thinking another solution. Please tell me if this is right or not.
1. Open a windows user for every customer.
2. Create folder for the user and give NTFS access for administrators, System and user account.
3. Create WebSite at IIS.
3. Open IIS properties for website just created and change IIS User from INETUSR to useraccount.
Maybe this can be a solution. In this mode every user will have access only at his folder.
But i'm not sure this will work or not... any opinion?
Now i'm thinking another solution. Please tell me if this is right or not.
1. Open a windows user for every customer.
2. Create folder for the user and give NTFS access for administrators, System and user account.
3. Create WebSite at IIS.
3. Open IIS properties for website just created and change IIS User from INETUSR to useraccount.
Maybe this can be a solution. In this mode every user will have access only at his folder.
But i'm not sure this will work or not... any opinion?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you. I was searching for an article like this in internet, but was unable to find.
I had the same idea, but i was really unsure for that. Now i'm clear.
Thank you Andres
I had the same idea, but i was really unsure for that. Now i'm clear.
Thank you Andres
regsvr32 scrrun.dll /u
From "Secure Internet Information Services 5 Checklist"
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/chklist/iis5chk.asp