My company has a website that is being hosted on one of the DC's with IIS.
On the main page of the site there is a link to a staff webpage which requires a login to access.
When accessing the website by www.mywebsite.com
, the user is prompted with the login.
But, when accessing the website by mywebsite.com, https://www.mywebsite.com
, or https://mywebsite.com
, there is no login and the webpage is accessible to anyone.
The folder that the webpage is in has "Enable anonymous access" unchecked and "integrated windows authentication" is checked.
Don't know if this is important, but when using the website within the network, it still asks for the login.
This is on a Windows 2003 SP1 Server.