Hello,
This is a powerful component and it is very useful.
However,I have some questions to be asked.
I am the administrator of the server and I have a customer who is using this application on his hosting account.He may access to others users account if he know the physical path of that user's account on the server.Is there any way to prevent the application to access to others accounts folders on the server?This is for security reasons.
Thanks for the reply !
Andy
Andy
1/13/2003 12:58 PM
Hi Andy,
You can limit the access of your customers if you do the following:
1. Remove the 'Everyone' Account from all folders.
2. Remove the 'IUSR_Machinename' account from all folders (including customer folders) except Web Root of the server.
3. Create an account for each customer, named like 'IUSR_Customername'.
5. Now assign each created account only to the corresponding virtual folders of the customers for the 'Anonymous Access' property (IIS Directory Security).
This way, each customer would be limited to their own folders.
Cem Alacayir
1/13/2003 6:57 PM
Hi,
I'm having the same problem, I created a account for each website and configured IIS to use the accounts, but I still have access to every folder that I know the physical location, like c:\. I exclude the everyone from C:\ too but don't work.
Thank you for your help !
Rodrigo
Brazil
Rodrigo
10/14/2003 6:34 PM