Windows 2008 with IIS 7 - Setting IIS read to off

In IIS6, if you right click on a sub-directory, go to properties and uncheck "read" under the directory tab, that folder would only be localy accessable.  Where is that setting in IIS 7?
Shaun RiemanPresidentAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Brad HoweDevOps ManagerCommented:

Accessflags are not labelled as accessflags in IIS7. It’s name is now accessPolicy and it lives in the handlers configuration section. You can see the handlers section in %windir%\system32\inetsrv\config\applicationhost.config or via the IIS Manager SERVERNAME\Sites\WebSiteName\HandlerMappings.

In this location you will have the READ,WRITE, EXECUTE Feature permission.

I don't this is what you are talking about so I will also provide instructions to deny all access except for localhost. Now if you want to restrict ALL ACCESS and only have local, i would suggest you go about it this way.

1. Open IIS Manager
2. Click on the Virtual Directory in question
3. From the Service pane, select "IPv4 address & Domain restriction"
4. Click on EDIT Feature Settings.
5. Select "Access for unspecified Clients" to DENY.
6. Add an Allow entry for


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Shaun RiemanPresidentAuthor Commented:
Fantastic.  Can I just edit the feature setting without adding an allow to local?

In other words, I don't need to access it local from IIS since i already have permissions set, right?
Brad HoweDevOps ManagerCommented:
It will not be browsable IF you set the default to DENY. It will even be denied locally.

You will need to add to see it via http://localhost/directory or http://serverip/direcetory.

Shaun RiemanPresidentAuthor Commented:
I set the default to deny and did not add a local allow.  This folder contains an access database that needs to be accessed by the IUSR local account...  not though iis.

I really appreciate your help with this.  Peer1 teer 2 tech support couldn't even tell me.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.