?
Solved

Web user able to view contents of the folder

Posted on 2005-03-23
7
Medium Priority
?
207 Views
Last Modified: 2010-04-17
I have a webpage the uses a folder structure such as

http://www.mysite.com/myfolder/page.asp

when I type in

http://www.mysite.com/myfolder 
I am able to see all the pages tha tin that folder.  THis is a MAJOR security risk, being some of the pages are for administrators.  Any help?  I am using IIS 6

Thanks
0
Comment
Question by:mark951
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
7 Comments
 
LVL 23

Accepted Solution

by:
gecko_au2003 earned 1000 total points
ID: 13614574
http://support.microsoft.com/kb/324066/EN-US/

http://www.windowsitpro.com/Web/Article/ArticleID/7853/7853.html

http://www.clublk.us/postp29636.html

Other then that just set the security settings for the folders you do not want other users to be able to access / view.

Let me know if these help you out any :)
0
 
LVL 15

Assisted Solution

by:Ralf Klatt
Ralf Klatt earned 1000 total points
ID: 13615841
Hi,

You'd probably better place your IIS question at http://www.experts-exchange.com/Web/Web_Servers/IIS/

The links Gecko provided will give you lots of information ... as a small addon to Gecko's suggestions have a look at the Access-Control Process: http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_SEC_19.mspx

If this is also about disabling certain applications on IIS level you might find this suggestion useful:
Please open your IIS Service Manager and expand the "Main Site" tree ... there you choose the site you're up to modify, right click and select "Properties ...

Screenshot: http://www.vb-development.de/exex/YourWeb_Properties.jpg

... on the virtual directory tab you choose "Configuration" ...

Screenshot: http://www.vb-development.de/exex/application_configuration.jpg

... there you'll find "Extension", "Executable Path" and "Verbs" (the screenshots are of IIS5 because my DC has an English OS, on my clients I only have German IIS6 versions running -> but that specific part is equal from IIS5 to IIS6!) ...


Best regards,
Raisor
0
 
LVL 23

Expert Comment

by:gecko_au2003
ID: 13615981
Raisor strikes again LOL J/K. Anyway I hope our suggestions help you out !
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Whether you’re a college noob or a soon-to-be pro, these tips are sure to help you in your journey to becoming a programming ninja and stand out from the crowd.
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Six Sigma Control Plans
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question