7.2. Setting site-level permissions: NTFS

The three authentication credentials you configured in the last section control who can access your web server and websites. Those credentials combined with NTFS security permissions will control what they can do to the websites. As an example, you don’t want anonymous users to have the ability to delete your web pages! The next step in the process of securing a website is to take the authentication credentials and configure them with the proper NTFS filesystem permissions to the web pages.

By default, all authenticated users in your company can access every website and application. This is rarely the type of access you want; I certainly don’t want everyone accessing confidential accounting information. ...

Get Learn Windows IIS in a Month of Lunches now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.