Security Planning
Carefully plan the setup of IIS to best protect the perused site. For example, keep executable files and text/graphics files in separate directories so that you can easily provide different levels of access. Also, anonymous users generally need only read permission, as established in both Internet Information Services and in Windows 2000.
Security settings for the IIS directories should be established based on the type of directory. If the directory is content-based, the observer should have read (R) access. If the directory is program-based, the observer should have read and execute (RX) access. If the directory is a database, the observer should have read and write (RW) access. That is, the following permissions are recommended: ...
Get Internet Information Services Administration now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
