|
Home > Archive > IIS Server Security > November 2006 > IIS Configuration
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Gladyston 2006-11-16, 1:17 pm |
| Hello!
I have an windows 2003 Standart with all updates and this only run IIS. I
have many sites in IIS, but in some, I need set IUSR permission as write.
This way i was hacked. What i can do different?
Thanks
| |
| Bernard Cheah [MVP] 2006-11-17, 1:25 am |
| 1 way is to configure special anonymous user for that particular web
application, and ensure the account can only write to certain folder with
proper NTFS permissions control, with additional - setting now
scripts/execute permissions on those folder if it's within the web site
structure.
--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/
"Gladyston" <Gladyston@discussions.microsoft.com> wrote in message
news:167D5D45-A3E1-4132-9326-9191D0DE854D@microsoft.com...
> Hello!
>
> I have an windows 2003 Standart with all updates and this only run IIS. I
> have many sites in IIS, but in some, I need set IUSR permission as write.
> This way i was hacked. What i can do different?
>
>
> Thanks
|
|
|
|
|