miyahira
asked on
Securing a file server that goes to http
Hello,
I'm a programmer, not a sys admin. My question is about securing web servers.
We have two asp.net applications that display and let download a same group of MS-Word or PDF documents.
We have decided to store those documents not in a database but in filesystem. Also we have decided to put each asp.net in different servers (Windows Server 2003 with IIS6.0). The documents will be stored in a folder of a third server. Please see picture attached. Those three servers will be inside a DMZ.
In that case, those documents should be able to be browsed by http. As they are public, we are not worry about keeping them under secret, but we are worry about a possible server hacking and modifying contents.
What would be a good way to secure that file server of documents?
Would be better to migrate to Windows Server 2008?
SERVERS.png
I'm a programmer, not a sys admin. My question is about securing web servers.
We have two asp.net applications that display and let download a same group of MS-Word or PDF documents.
We have decided to store those documents not in a database but in filesystem. Also we have decided to put each asp.net in different servers (Windows Server 2003 with IIS6.0). The documents will be stored in a folder of a third server. Please see picture attached. Those three servers will be inside a DMZ.
In that case, those documents should be able to be browsed by http. As they are public, we are not worry about keeping them under secret, but we are worry about a possible server hacking and modifying contents.
What would be a good way to secure that file server of documents?
Would be better to migrate to Windows Server 2008?
SERVERS.png
Agreed. A layered approach is best and have way to monitor each layer. So the file server can only be accessed by the web server and even then you can do read only if you want.
ASKER
Thanks, xuserx2000.
Just a small clarification for option number two:
2) For that "service account", I guess that I have to create an account named "DocReader" in Web Server with privileges to read files in File System Server. Also, in FileSystem Server should exist a DocReader account.
Are those accounts transparent for asp.net? Or should I specifically use that service account in my asp.net application for reading documents?
Just a small clarification for option number two:
2) For that "service account", I guess that I have to create an account named "DocReader" in Web Server with privileges to read files in File System Server. Also, in FileSystem Server should exist a DocReader account.
Are those accounts transparent for asp.net? Or should I specifically use that service account in my asp.net application for reading documents?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You said they are public documents, so I don't see the need for encryption, just share it to the other box with read only permissions.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
>> The file server should be only a file server.
I think that file server should has IIS6.0. If not, would be still possible to access documents from two different web applications A and B?
Web Applications A and B load document from fileserver as:
http://192.168.10.32/Documents/MyDoc.doc
I think that file server should has IIS6.0. If not, would be still possible to access documents from two different web applications A and B?
Web Applications A and B load document from fileserver as:
http://192.168.10.32/Documents/MyDoc.doc
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1) Encrypt the files and decrypt them when serving them up on the webserver.
2) Use a "service account" to access the files, from the webserver.. in this scenario I would recommend the file server wouldn't be a member of the domain, and you would use a strong password for both the administrator account and the service account.
3) Create a firewall rule that only allows communication from the webserver to the fileserver and visa versa. That way the only way to get these files, or the server itself.. is through the web interface you've established.
Ideally you would use all three of these options together.