|
Home > Archive > IIS Server Security > February 2007 > Allow http, but deny ftp
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Allow http, but deny ftp
|
|
| Thomas Kofler 2007-02-13, 1:17 pm |
| Hello,
we have the following scenario:
IIS 6.0 on Windows 2003
Web-Directory and ftp-Directory use the same physical ntfs folder.
For one user (Active Directory) we have a a secure web appliation (SSL) to
upload/download documents (the NTFS permission for the AD user must be set
probably on this directory).
The problem: The same user could use ftp to download the file unsecure.
How to "block" this specific user to use ftp?
| |
| Ken Schaefer 2007-02-14, 7:20 am |
| Hi,
Make the folder a virtual directory that is not located under the physical
web root. Do not add it as a virtual directory under your FTP server.
Cheers
Ken
"Thomas Kofler" <ThomasKofler@discussions.microsoft.com> wrote in message
news:2F2E404C-CB10-46B8-97F1-33BAEA0AC0B2@microsoft.com...
> Hello,
>
> we have the following scenario:
>
> IIS 6.0 on Windows 2003
>
> Web-Directory and ftp-Directory use the same physical ntfs folder.
>
> For one user (Active Directory) we have a a secure web appliation (SSL) to
> upload/download documents (the NTFS permission for the AD user must be set
> probably on this directory).
>
> The problem: The same user could use ftp to download the file unsecure.
>
> How to "block" this specific user to use ftp?
|
|
|
|
|