Setting Web Server Permissions

It is important to understand the distinction between Web server permissions and NTFS permissions. Unlike NTFS, Web server permissions apply to all users accessing your Web and FTP sites. NTFS permissions apply only to a specific user or group of users with a valid Windows account. NTFS controls access to physical directories on your server, whereas Web and FTP permissions control access to virtual directories on your Web or FTP site. For more information, see Web and FTP Sites.

By default, Web and FTP access permissions use the Windows account IUSR_computername. When users access your site, using anonymous authentication, they use this account. By default, IUSR_computername is given NTFS permissions by IIS for the actual folders that comprise the Web or FTP site. You can, however, change these permissions for any folder or file in your site. For example, you can use Web server permissions to control whether users visiting your Web site are allowed to view a particular page, upload information, or run scripts on the site. For more information, see About Access Control.

Important

 

To set Web server permissions for Web content (including WebDAV)
  1. In the Internet Information Services snap-in, select a Web site, virtual directory, or file, and open its property sheets.
  2. On the Home Directory, Virtual Directory, or File property sheet, select or clear any of the following check boxes (if available):
  3. Under Execute Permissions select the appropriate level of script execution:
  4. Click OK.
  5. Notes

Caution   When you select Script Source Access, users may be able to view sensitive information, such as a user name and password, from the scripts in an ASP application. They may also change source code that runs on your server, and seriously affect your server's security and performance. Access to these types of information and functions are best utilized through individual Windows accounts and higher-level authentication, such as Digest or integrated Windows authentication.

To set Web server permissions for FTP content
  1. In the Internet Information Services snap-in, select a Web site, virtual directory, or file, and open its property sheets.
  2. On the Home Directory,Virtual Directory, or File property sheet, select or clear any of the following check box options:

For more information about these property sheets, click Help on the appropriate property sheet.


© 1997-1999 Microsoft Corporation. All rights reserved.