The server Web site is detached to each IIS site to establish a user 1th/2 page _win server

One, the benefits of this configuration?

I wonder if you have heard the side note? Let me explain briefly: there is a person who wants to black out a site, but look for to find no exploitable loophole, inadvertently he found with a server There is also a B site, and found on the B site to exploit the loophole, so he will Trojan from B station upload to the server, if the server permissions improperly configured, So now he can hack all the sites on the server! If we set up a user for each site and set the user to have access to this site, then the access rights can be controlled in each site folder, and the side note problem is resolved.

Ii. Preparatory work

Win2K Server version + IIS 5.0
Each partition file system is NTFS
Set up two folders under E disk web001 and web002
New two sites in IIS web001 and web002, the site folders are E:\web001 and E:\web002, and the IP is 192.168.0.146, and the ports are 101 and 102, respectively.

OK, in IE, respectively, enter http://192.168.0.146:101 and http://192.168.0.146:102 test two site is established successfully.

Third, the configuration process



Create a new user group webs and all site users will be subordinate to the group for permission assignment.

Set up user web01, note to check "Password never Expires" (otherwise, "HTTP 401.1-Unauthorized: Logon Failed"), and set it to only belong to the Webs user group. Also under construction a user web02.

Current 1/2 page 12 Next read the full text