I. What are the benefits of such configuration?
Have you heard of this? I would like to give a simple explanation: Some people want to hack Site A, but they have not found any vulnerabilities that can be exploited. Accidentally, they found that there is another site B on the same server as site, the vulnerability that can be exploited is found on site B, so he uploads the Trojan Horse from Site B to the server. If the server permission is improperly configured, now he can hack all the sites on the server! If we create a user for each site and set the user to only have the permission to access the site, the access permission can be controlled in the folder of each site, and the bypass problem is solved.
2. Preparations
Win2k server version + IIS 5.0
The file system of each partition is NTFS.
Create two folders web001 and web002
Create two sites web001 and web002 in IIS. The site folders are E: \ web001 and E: \ web002 respectively. The IP addresses are specified as 192.168.0.146, and the ports are 101 and 102 respectively.
OK. In IE, enter http: // 192.168.0.146: 101 and http: // 192.168.0.146: 102 to test whether the two sites are successfully established.
Iii. configuration process
Create a user group webs, and all future site users will belong to this group for permission allocation.
Create a user web01. Check and select "Password Never Expires" (otherwise, "HTTP 401.1-unauthorized: Logon Failed" is displayed), and set it to belong only to the webs user group. A user web02 is also created.