Securing a Web Site Using NTFS Permissions
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
You can strengthen the security of a Web site by configuring NTFS permissions for directories, virtual directories, or the Web site itself.
Important
You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".
Procedures
To secure a Web site by using NTFS permissions
In IIS Manager, expand the local computer, right-click a Web site or file, and then click Permissions.
Do one of the following:
Task Procedure Add a group or user that does not appear in the Group or user names list box.
- Click Add.
- In the Enter the object name to select box, type the name of the user or group, and then click OK.
Change or remove permissions from an existing group or user.
In the Group or user names list box, click the name of the group or user.
- Click Add.
To allow or deny a specific permission, in the Permissions for User or Group list box, select the Allow or Deny check box.
Important
Inherited Deny permissions do not prevent access to an object if the object has an explicit Allow permission entry. Explicit permissions take precedence over inherited permissions, including inherited Deny permissions.
Related Information
- For more information about access control, see "Access Control" in Help and Support Center for Windows Server 2003.