Re: Security

From: Tom Kaminski [MVP] ((A_at_T))
Date: 12/08/03

Next message: Lee: "IIS on NT 4.0 - allow password change upon logon"
Previous message: Rex: "Security"
In reply to: Rex: "Security"
Next in thread: anonymous_at_discussions.microsoft.com: "Re: Security"
Reply: anonymous_at_discussions.microsoft.com: "Re: Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 8 Dec 2003 13:22:00 -0500

"Rex" <richmondmsc@hotmail.com> wrote in message
news:06b101c3bdb1$c4002230$a001280a@phx.gbl...
> I am having trouble with securing my web site. It is a
> Corporate web and I need to know how to stop someone from
> editing it in front page. If I turn off authoring that
> stops that but I have .XLS spread sheets that need to be
> able to be saved and with authoring off I can't. I have
> tried all kinds off diferent ways and I can't get both to
> work at the same time.

You need to set appropriate NTFS permissions on the content.
http://www.microsoft.com/windows2000/en/server/iis/

Microsoft Internet Information Server
     Administration
         Server Administration
             Security
                 Authentication
                 Access Control

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/standard/gs_authentication.asp

HOW TO: Configure IIS 5.0 Web Site Authentication in Windows 2000
http://support.microsoft.com/?id=310344
HOW TO: Configure User and Group Access on an Intranet in Windows 2000 or
Windows NT 4.0
http://support.microsoft.com/?id=325358
HOW TO: Configure IIS Web Site Authentication in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;324274

-- 
Tom Kaminski IIS MVP
http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
http://mvp.support.microsoft.com/
http://www.microsoft.com/windowsserver2003/community/centers/iis/

Next message: Lee: "IIS on NT 4.0 - allow password change upon logon"
Previous message: Rex: "Security"
In reply to: Rex: "Security"
Next in thread: anonymous_at_discussions.microsoft.com: "Re: Security"
Reply: anonymous_at_discussions.microsoft.com: "Re: Security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Default document default.aspx fails to resolve
... I think that this is some kind of Sharepoint behavior. ... Kristofer Gafvert - IIS MVP ... > Default web site is 'stsfltr.dll' which I suspect is one ... >>> Do not get a 404 error, rather a standard windows error ...
(microsoft.public.inetserver.iis)
Re: Exchange Virtual Directory 404 Not Found
... XCCC: IIS Lockdown and URLscan Configurations in an Exchange Environmenthttp://support.microsoft.com/?id=309508 ... re-create the Exchange-related virtual directories in Internet Services ... visit the following Microsoft Web site: ... Custom installation option to install only Metabase Explorer 1.6. ...
(microsoft.public.windows.server.sbs)
RE: Remote Webworkplace and OWA 3 times log in
... I rest the IIS - Start RUN - type iisreset ... the IIS Default Web Site application. ... Windows account for anonymous access to the Administrator account I renter ... I understand that users can logon to RWW and OWA ...
(microsoft.public.windows.server.sbs)
[NT] Cumulative Patch for Internet Information Service (28 May 2003)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... security patches released for IIS 4.0 since Windows NT 4.0 Service Pack ... An attacker would need the ability to upload a Server-side ... * A denial of service vulnerability that results because IIS 5.0 and 5.1 ...
(Securiteam)
Re: securing files on IIS web directories
... Configure IIS 5.0 Web Site Authentication in Windows 2000 ... Configure IIS Web Site Authentication in Windows Server 2003 ...
(microsoft.public.inetserver.iis.security)