|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Anonymous accessHi all,
I have an IIS 6 web server that hosts multiple web sites. i would use a dedicated user for each web site instead of using the default anonymous user (IUSR_ServerName). I think that's possible, but my question is about the security level i have to set up for this manually defined anonymous user to reach an optimal security behaviour. I hope you understand my problem... Thanks in advance. Yes, it is possible in fact you should take care of the app pool id as well.
Meaning each site should reside in own app pool. Been a while I have work on IIS 6, don't think this apply to IIS 6, but in IIS 7 you can now 'config' the app pool id as the anonymous user request id. Skip the hassle to maintain two separate account for each site/app. Anyway, for IIS default user/group permissions, read - Default permissions and user rights for IIS 6.0 http://support.microsoft.com/?id=812614 Show quoteHide quote "Markisha" <Marki***@discussions.microsoft.com> wrote in message news:45DDB9B7-5A07-45B7-95D1-D000ED5ECC34@microsoft.com... > Hi all, > I have an IIS 6 web server that hosts multiple web sites. > i would use a dedicated user for each web site instead of using the > default > anonymous user (IUSR_ServerName). > I think that's possible, but my question is about the security level i > have > to set up for this manually defined anonymous user to reach an optimal > security behaviour. > > I hope you understand my problem... > Thanks in advance. 
Other interesting topics
Re: Q: Digital certificate inventory within network?
Windows Authentication Access Denied Error Web App using integrated Active Directory Authentication Problem processing SSL certificate response. IIS IWA no longer works after VS2008 SP1 installed IIS Restrictions How to use SSL host headers for multiple domains on the same serve Sharing between server Certificate Types Internal site configuration |
|||||||||||||||||||||||
