Graphical Web and FTP server security management configuration

Source: Internet
Author: User

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

Once the Web and FTP servers have been created, proper management is required to enable the user's information to be securely and effectively accessed by other visitors. Web and FTP servers are basically the same management, including some general management and security management, and here are seven key aspects.

First, enable expired content

Enabling expired content means setting up to ensure that your site's outdated information is not released. When information on the user's web and FTP sites is highly time-sensitive, it is necessary to make outdated content settings, which not only helps to purify users ' web and FTP sites, but also helps visitors to find information. When expired content is enabled, the user can either set the entire site directly or set it for a directory. The following is a brief description of the expiration content setup process.

Note: After the expired content is started, the Web browser compares the current date or time with the set expiration time or time when browsing to determine whether to display the original information or the updated information.

1. Click the HTTP Headers tab, as shown in Figure 1. In this tab, enable the Enable Content Expiration check box to activate the options in the Enable Content Expiration option area.

2. In the Enable Content Expiration option area, users can set the expiration time for content. Select the "expire at this time" radio button, enter a value in the text box that follows and select a unit of time in the Drop-down list box, for example, 2 0 and day, after 2 0 days, visitors will no longer be able to access the current information of the site; Select the "expire at this time" radio button, Select the date from the Drop-down list box that follows, and adjust the value of the subsequent time spinner. Users can set the expiration date directly for the expired content, for example, the selected time is 1 9 9 9 Year 1 February 3 1st 1 2:0 0:0 0, then the site now information will be in 1 9 9 9 years 1 February 3 1st 1 2:0 0:0 0 Expires, can no longer be accessed, and if you want to expire the current information for that site, select the "Expire Now" radio button.

Ii. Content Grading Settings

If the content of the user's site is not for all visitors, content-rating settings are required to prevent other visitors who do not have the hierarchy requirement from viewing the site content. Hierarchical service settings allow users to insert descriptive labels on the HTTP headers of each Web page. When a visitor accesses a user's site, his web browser can first examine the hierarchical service requirements for the HTTP headers of each Web page and determine what content can be browsed and not browsed based on the browser's hierarchical settings and the site's rating requirements.

In a preset scenario, Windows 2000 has a RSAC (recreational Software Advisory Council) tiered service system for tiered services. The Internet rating, studied by Dr. Donald F. Roberts at Stanford University, focuses on four aspects of violence, sex, nudity, and language. Before setting the content of the rating service, users need to fill out a RSAC rating questionnaire online to get some recommended content ratings for better grading settings. The outline content setup process is as follows:

1. In the figure shown in Figure 1, click the Edit Rating button to open the Content Rating dialog box, as shown in Figure 2.

2. On the Rating Services tab, click the Details button to view the Internet page of the RSAC rating service, click the Rating Questionnaire button to connect to the RSAC site and fill out the rating questionnaire.

3. After understanding the RSAC system, users can set the content of the rating service to filter the content of the company's Web pages. Click the Rating tab and select the Enable rating on this resource check box on the Rating tab, as shown in Figure 3.

4. In the Categories list box, select one of the four categories of violence, sex, nudity, and language, and the rating slider appears, adjusting the slider to change the rating level of the selected category.

5. If you want to classify your e-mail messages, users can enter their own e-mail addresses in the age of this content rating person's e-mail name text box.

6. If you want to set the expiration time separately for the rating service, click the lower triangle button in the failed in Drop-down list box to select a date from the pop-up electronic calendar.

7. After setting, click OK to return to the Properties dialog box, and then click OK to save the settings.

Third, add page footer

In user Web site management, users often insert a script file written in HTML in front of each Web page as a page footer to increase the content of the Web site. For example, a script file written in HTML language adds some simple text and identity graphics to a Web page, and even includes content such as user Web site management and service orientation. Not only does this greatly increase the readability of the user's web site, but it also directs visitors to read the content later in the user's Web site. In addition, a page footer can reduce the time that a Web server executes, and using a document footer is useful if the user's Web site is accessed frequently by other visitors. To add a page footer, refer to the following steps:

1. Create an HTML page footer file and save it on the hard disk of your Web server.

2. In the console directory tree of Internet Services Manager (shown in Figure 4), right-click a Web site or directory child node, for example, MSADC virtual directory, from the pop-up shortcut menu, select Properties, open the MSADC Properties dialog box, click the Documents tab, As shown in Figure 4.

3. On the Documents tab, select the Enable document Footer check box, and in the Enable Document footer text box, enter the full path of the footer file. If the user does not know the full path to the footer file, click the Browse button and open the Open dialog box to select it.

4. Click OK to return to the Properties dialog box, and then click OK to save the settings.

Note The document footer file is not a complete HTML document, it contains only those HTML tag information that explains how to arrange the display of the contents of the footer. For example, by using a footer file that adds the name of the user's organization before each Web page, the footer file should contain both the text content and the font and color of the formatted text.

Iv. Security and Permissions settings

Security and permissions settings are the most important protection for IIS to secure its site, and can be used to control how users are authenticated and their access rights. In the process of right security and limit setting, administrators can not only set permissions and site security inheritance, but also select settings to apply, including authentication methods, access permissions, IP address restrictions, and so on. The permissions and security settings process are as follows:

1. Select All Tasks | Permission Wizard command, open the Permission Wizard dialog box. Click the Next button to open the Security Settings dialog box, as shown in Figure 5.

2. If you want to inherit security settings from the parent site or virtual directory, select the Inherit all security Settings radio button, or select new security settings from the template if you need to select new security settings.

3. Click the Next button to open the Windows directory and File Permissions dialog box, as shown in Figure 6.

4. If you want to keep Windows directory and file permissions, select the Keep directory and file permissions radio button, and if you want to keep the original Windows directory and file permissions and add the new settings, select "Keep the current directory and file license configuration intact and add the recommended permissions" Radio button. Here Select the "recommend: Replace all directory and file access rights" radio button to replace the existing directory and file permissions with the newly set permissions.

5. Click the Next button to open the Security Summary dialog box shown in Figure 7, and in the Set list box, select the settings you want to apply, including authentication methods, access permissions, IP address restrictions, and file ACLs that will not be modified.

6. Click the Next button to open the "You have successfully completed the IIS 5.0 ' Permissions Wizard" dialog box, and then click Finish to complete the setup.

V. SAFETY Certification

In Windows 2000, Internet Information Services provide three types of logon authentication for HTTP protocol access, which are anonymous, plaintext, and query/reply methods. The way users do this depends on the purpose of the user setting up an Internet Information Server.

If the user is setting up a site for advertising purposes, then you can choose an anonymous method. Because most of the visitors are visiting the user's site for the first time, it is impossible and unnecessary for the user to establish an account for them. If you want to use your own Internet Information Server to provide your visitors with network services such as e-mail hosting or information delivery, you need to select clear text. Because in this way, visitors must use a username and password to access, effectively protect the security of private messages or information. If the user's Internet Information Server's visitor is primarily an employee within the enterprise, and you want the information in the server to be the safest protection, you can choose an inquiry/answer method. This approach requires the visitor to make an access request before access is granted, so that access to the user's server is under the direct control of the user. This way, however, requires that the browser used by the visitor must be a InternetExplorer browser, because other browsers do not support this authentication method.

Because access to Web, FTP, and the SMTP virtual server is anonymous on many Internet Information servers, this section describes how to perform security authentication settings as an example of anonymous access.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.