Re: URLScan, multiple .ini files

From: David Wang [MS] (someone@online.microsoft.com)
Date: 09/28/02 

From: "David Wang [MS]" <someone@online.microsoft.com>
Date: Sat, 28 Sep 2002 02:08:06 -0700

You need to take the ISAPI Filter out of Global WWW and install it
individually for each site. A filter cannot be "overriden"; its effects are
additive (if global and site filters are installed, both are executed for a
request to the site.

Basically, URLSCAN.DLL takes configuration from URLSCAN.INI located wherever
the DLL that is loaded exists. So, you can have two configurations in two
separate locations, and point all websites to either one or the other.

This isn't "easy", but you're asking for a feature that doesn't exist in IIS
before IIS6... 

--
//David
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"sa" <sa_spam@vit.net> wrote in message news:#JrJexkZCHA.2720@tkmsftngp10...
Thanks Thomas,
Let me get this right ;-)
So, I would take the ISAPI filter out of the Global "www",
then apply it indivitualy to each site ?
OR
would the different/new URLSCAN.dll (ISAPI filter), added to the required
site,
would it then over-write the Global filter? (if it is the same name that
is)?
Do I make sense? ;-)
"Thomas Deml [MS]" <thomad@online.microsoft.com> wrote in message
news:eXzO5hkZCHA.2316@tkmsftngp12...
> You can, it's not supported though. You have to install URLSCAN.DLL in
> different directories (a new directory per site) and map a different
> URLSCAN.DLL/URLSCAN.INI pair to each site.
>
> Hope this helps.
>
> Thomas Deml
> Lead Program Manager
> Internet Information Services
> Microsoft Corp.
>
>
>
> "sa" <sa_spam@vit.net> wrote in message
news:egcPNQkZCHA.2304@tkmsftngp10...
> > Hi,
> > We are a small ISP running IIS4 with URLScan, with several websites
using
> > mostly virtual Ip's
> >
> > I need to run and .exe file on one of the websites, however, don't want
to
> > cause additional security holes for the ones that don't require it.
> >
> > Is there a way to just allow this one site ".exe" ?
> >
> > Can I have multiple urlscan.ini files?
> >
> >
> > Thanks in advance,
> >
> >
> >
> >
> >
>
>

Relevant Pages

  • Re: URLScan, multiple .ini files
    ... Thanks Thomas, ... So, I would take the ISAPI filter out of the Global "www", ... >> I need to run and .exe file on one of the websites, however, don't want ...
    (microsoft.public.inetserver.iis.security)
  • Re: URLScan, multiple .ini files
    ... I have URLSCAN version 1.0 installed. ... Is there an Upgrade for URLScan only? ... >> You need to take the ISAPI Filter out of Global WWW and install it ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS 5 serves aspx source
    ... This will install the ISAPI filter, some js files, and properly setup ... Now I have to put it on the second system for my boss to take ... I still get the entire ASPX file sent to the browser. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: URLScan, multiple .ini files
    ... You have to install URLSCAN.DLL in ... different directories and map a different ... > I need to run and .exe file on one of the websites, however, don't want to ...
    (microsoft.public.inetserver.iis.security)