FrontPage Server Extensions for Windows - FPSE Security

This is Interesting: Free IT Magazines  
Home > Archive > FrontPage Server Extensions for Windows > September 2005 > FPSE Security





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author FPSE Security
Buddy Ackerman

2005-09-13, 6:01 pm

I installed FPSE on my server but it apparently has no security setup. There is nothing to stop anyone from connecting
to the website on my server. How do I get FPSE to restrict access without affecting normal users browsing the site?

--Buddy
Tom Pepper Willett

2005-09-13, 6:01 pm

http://www.microsoft.com/resources/...doc/ows000.mspx
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/of...etid=FX01085802
How to ask a newsgroup question:
http://support.microsoft.com/kb/555375
===
"Buddy Ackerman" <buddy_nospam@buddyackerman.com> wrote in message
news:uDZF9gKuFHA.2792@tk2msftngp13.phx.gbl...
|I installed FPSE on my server but it apparently has no security setup.
There is nothing to stop anyone from connecting
| to the website on my server. How do I get FPSE to restrict access without
affecting normal users browsing the site?
|
| --Buddy


Buddy Ackerman

2005-09-13, 6:01 pm

Something is not right becaue I have gone in to the site sharepoint site administration tool and anonymous users are
supposed to be allowed only "Browser" access yet no one that has logged in with FP has had a problem uploading files
without any authentication. Anonymous authentication is on but it says it's only assigned to the "Browser" role, so why
can these users modify documents without having to login? I don't understand.



Tom Pepper Willett wrote:
> http://www.microsoft.com/resources/...doc/ows000.mspx
Mark Fitzpatrick

2005-09-13, 8:48 pm

Check the NTFS permissions then. FP simply gets it's setting from the file
permissions that are on the files and directories. It could be that there is
an error in the actual security permissions on the files/directory but FP is
unable to effectively change them due to the permissions error. It sounds
like the IUSR account either has to much access, or the Everyone group has
also been designated access and has too high a permission level. Typically,
you don't need the Everyone group to have access but give read/write access
to the IUSR group. FP may only be focusing on the IUSR group and not be
picking up the Everyone group. With security issues, it's good to start by
looking directly at the security descriptors on the files themselves because
FP just asks the OS to get or set permissions and doesn't exactly keep it's
own specific set of permissions.

Hope this helps,
Mark Fitzpatrick
Microsoft MVP - FrontPage

"Buddy Ackerman" <buddy_nospam@buddyackerman.com> wrote in message
news:%23%23ACX7KuFHA.1136@TK2MSFTNGP12.phx.gbl...[vbcol=seagreen]
> Something is not right becaue I have gone in to the site sharepoint site
> administration tool and anonymous users are supposed to be allowed only
> "Browser" access yet no one that has logged in with FP has had a problem
> uploading files without any authentication. Anonymous authentication is
> on but it says it's only assigned to the "Browser" role, so why can these
> users modify documents without having to login? I don't understand.
>
>
>
> Tom Pepper Willett wrote:


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com