Re: URLScan, multiple .ini files
From: sa (sa_spam@vit.net)
Date: 09/28/02
- Next message: sa: "Re: URLScan, multiple .ini files"
- Previous message: Rafael Reyes: "Re: Please, want some body to explain me about certificates?"
- In reply to: David Wang [MS]: "Re: URLScan, multiple .ini files"
- Next in thread: sa: "Re: URLScan, multiple .ini files"
- Reply: sa: "Re: URLScan, multiple .ini files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "sa" <sa_spam@vit.net> Date: Sat, 28 Sep 2002 11:16:47 -0700
Thanks David,
so would the following scenario work:
Global ISAPI:
Less restrictive URLScan ini/dll (to allow .exe's to go through for
example)
LOCAL ISAPI:
- for sites that don't need .exe/cgi:
Add the more restrictive URLScan ini/dll (stopping all .exe)
- for sites that need the .exe/cgi
do nothing else.
Thanks in advance,
SA
"David Wang [MS]" <someone@online.microsoft.com> wrote in message
news:OkkGn5sZCHA.2420@tkmsftngp09...
> You need to take the ISAPI Filter out of Global WWW and install it
> individually for each site. A filter cannot be "overriden"; its effects
are
> additive (if global and site filters are installed, both are executed for
a
> request to the site.
>
> Basically, URLSCAN.DLL takes configuration from URLSCAN.INI located
wherever
> the DLL that is loaded exists. So, you can have two configurations in two
> separate locations, and point all websites to either one or the other.
>
> This isn't "easy", but you're asking for a feature that doesn't exist in
IIS
> before IIS6...
>
> --
> //David
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "sa" <sa_spam@vit.net> wrote in message
news:#JrJexkZCHA.2720@tkmsftngp10...
> Thanks Thomas,
>
> Let me get this right ;-)
>
> So, I would take the ISAPI filter out of the Global "www",
> then apply it indivitualy to each site ?
>
> OR
>
> would the different/new URLSCAN.dll (ISAPI filter), added to the required
> site,
> would it then over-write the Global filter? (if it is the same name that
> is)?
>
> Do I make sense? ;-)
>
>
>
> "Thomas Deml [MS]" <thomad@online.microsoft.com> wrote in message
> news:eXzO5hkZCHA.2316@tkmsftngp12...
> > You can, it's not supported though. You have to install URLSCAN.DLL in
> > different directories (a new directory per site) and map a different
> > URLSCAN.DLL/URLSCAN.INI pair to each site.
> >
> > Hope this helps.
> >
> > Thomas Deml
> > Lead Program Manager
> > Internet Information Services
> > Microsoft Corp.
> >
> >
> >
> > "sa" <sa_spam@vit.net> wrote in message
> news:egcPNQkZCHA.2304@tkmsftngp10...
> > > Hi,
> > > We are a small ISP running IIS4 with URLScan, with several websites
> using
> > > mostly virtual Ip's
> > >
> > > I need to run and .exe file on one of the websites, however, don't
want
> to
> > > cause additional security holes for the ones that don't require it.
> > >
> > > Is there a way to just allow this one site ".exe" ?
> > >
> > > Can I have multiple urlscan.ini files?
> > >
> > >
> > > Thanks in advance,
> > >
> > >
> > >
> > >
> > >
> >
> >
>
>
>
>
- Next message: sa: "Re: URLScan, multiple .ini files"
- Previous message: Rafael Reyes: "Re: Please, want some body to explain me about certificates?"
- In reply to: David Wang [MS]: "Re: URLScan, multiple .ini files"
- Next in thread: sa: "Re: URLScan, multiple .ini files"
- Reply: sa: "Re: URLScan, multiple .ini files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
