You can use Web server permissions to control how users access and interact with specific FTP and Web sites. For example, you can use Web server permissions to control whether users visiting your Web site are allowed to view a particular page, upload information, or run scripts on the site. Unlike Windows NT File System (NTFS) permissions, Web server permissions apply to all users accessing your Web and FTP sites. This distinction is very important because NTFS permissions apply only to a specific user or group of users with a valid Windows NT account. For more information, see About Access Control.
Important
- When you set security properties for a specific site, you automatically set the same security properties for all directories and files belonging to that site, unless the security properties of the individual directories and files have been previously set.
- Your Web server will prompt you for permission to reset the properties of individual directories and files when you attempt to set security properties for your Web site. If you choose to reset these properties, your previous security settings will be replaced by the new settings. The same condition applies when you set security properties for a directory containing subdirectories or files with previously set security properties. For more information about setting properties, see the Properties and Inheritance of Properties on Sites section in About Web Sites.
To set Web server permissions for Web content
- In Internet Service Manager, select a Web site, directory, or file, and open its property sheets.
- On the Home Directory,Directory, or File property sheet, under Properties, select or clear any of the following check boxes (if available):
Access Permissions:
- Read (selected by default)
- Write
Permissions:
- None (selected by default)
- Script
- Execute
- Click OK.
Note
- Disabling Web server permissions, such as Read, restricts all users from viewing a file, regardless of the Windows NT File System permissions applied to those users' accounts. However, enabling a permission can allow all users to view that file, unless NTFS permissions that restrict access have also been applied.
- If both Web server and Windows NT permission are set, the permissions that explicitly deny access take precedence over permissions that grant access.
Caution When you select the Write and Execute check boxes, you enable users to upload and execute programs on your Web server. A user can inadvertently or intentionally upload and then run a potentially destructive program on your server. Whenever possible, select the Script option rather than the Execute option, because the Script option limits users to executing programs and scripts that are already stored in the home directory.
To set Web server permissions for FTP content
- In Internet Service Manager, select a Web site, directory, or file, and open its property sheets.
- On the Home Directory,Directory, or File property sheet, select or clear any of the following check box options:
For more information about these property sheets, click Help on the appropriate page.
- Click OK.
Note Disabling Web server permissions, such as Read, restricts all users from viewing a file, regardless of the Windows NT File System permissions applied to those users' accounts. However, enabling a permission can allow all users to view that file, unless NTFS permissions that restrict access have also been applied.
If both Web server and Windows NT permissions are set, permissions that explicitly deny access take precedence over permissions that grant access.
© 1997 by Microsoft Corporation. All rights reserved.