Administering an ISP Installation

Uploading Executable Scripts or Programs

When a web author wants to include a CGI script or a script in an ASP page within a web, make sure that the author isn’t inadvertently uploading a virus or a program that has bugs onto your Web server. You can avoid this risk by preventing an author from uploading scripts and programs to any folder that is part of a web.

To control the uploading of executables

1. In the IIS snap-in, right-click the root web for the appropriate folders.
2. On the menu, click Properties, and then click the Server Extensions tab.
3. To prevent the folder from containing executable scripts or programs, make sure that the Allow authors to upload executables check box is cleared. To allow the folder to contain executable scripts or programs, make sure that the Allow authors to upload executables check box is selected.

Because the default setting prevents authors from uploading executables, you may find that your authors get an error message similar to the following:

Server error: The folder "/Cgi-bin" is marked executable. You are not allowed to put files into an executable folder on this server.

Note   In this example error message, the Cgi-bin directory can be any folder with Executable permission on the server.

This error will occur if the author tries to upload files from an executable folder that is on a client computer to an executable folder that is on the server. When this happens, ask the author to let you test the files before publishing them. If you are confident that the executables are safe, allow the author to upload these files by following the steps that were just listed.

© 1997-1999 Microsoft Corporation. All rights reserved.