Administering an ISP Installation

Previous Topic Next Topic

Resecuring a Site

This section tells you how to restore security, if you’ve determined that unauthorized users are able to log on to a Web site by using the IUSR_computername. Without examining a specific problem and configuration, it’s hard to make generalizations. However, the following troubleshooting procedure suggests a way to tighten security on a site.

To resecure a site

  1. If your server is configured with nested content or overlapping virtual servers, fix those problems first.
  2. If the IUSR_computername account is a member of the Administrators group, remove it from the group. No anonymous user should have administrator privileges.
  3. In FrontPage, on the Tools menu, select Security and then Permissions.
  4. On the Permissions property sheet, if the Everyone group is listed, remove it, and click OK.
  5. Reopen the Permissions property sheet, and on the Users tab, select Everyone has browse access.

    The IUSR_computername account is a member of the Everyone group, and should not be a member of any group that has Author access. If Permissions on the Tools menu is grayed out, you are on a file allocation table (FAT) partition. You must store Web content on an NTFS partition in order to have FrontPage security.

    If the IUSR_computername account can still open the Web site, see step 6.

  6. For the root Web site and all its sub-webs that use unique permissions, set Only registered users have browse access on the Permissions property sheet.

    Similar to a directory hierarchy, a sub-web is a site under a main Web site.

  7. To tighten security, open the IIS snap-in, right-click the virtual server, click Tasks, click Check Server Extensions, and select Yes.
  8. Open the FrontPage web. (If you receive an error message, give the IUSR_computername account Read, Write, and Delete permissions to the _vti_pvt directory of the web in question.)
  9. Set the site back to Everyone has browse access. Exit the FrontPage Explorer, and retest the security of the web in FrontPage.
  10. If you’ve tried each of the previous steps to no avail, or if you get unexpected results when managing content with FrontPage, reset NTFS permissions back to the default, and let FrontPage retake control.

    This step applies to a single sub-web site, or to an entire virtual server.


© 1997-1999 Microsoft Corporation. All rights reserved.