
Implications of a SSL site as a virtual directory rather than a root website?

Author
22 Sep 2006 2:52 PM
Leythos
I would like to know if anyone has links related to the implications of
running a SSL site as a virtual directory site rather than a root
website.

Thanks.

--

spam999free@rrohio.com
remove 999 in order to email me

Author
23 Sep 2006 9:05 AM
Ken Schaefer
When you install an SSL server-authentication certificate, it is typically
installed for the entire website, not for a single directory (virtual or
otherwise).

You can choose to make your entire website, or only a portion of your
website (e.g. a single directory) available over SSL.

However, as it stands, your question doesn't really make a lot of sense.

Cheers
Ken

"Leythos" <v***@nowhere.lan> wrote in message
news:CMSQg.1277$pq4.309@tornado.ohiordc.rr.com...
>I would like to know if anyone has links related to the implications of
> running a SSL site as a virtual directory site rather than a root
> website.
>
> Thanks.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
Author
23 Sep 2006 12:41 PM
Leythos
In article <OuaVq9u3GHA.1***@TK2MSFTNGP02.phx.gbl>,
kenREM***@THISadOpenStatic.com says...
> When you install an SSL server-authentication certificate, it is typically
> installed for the entire website, not for a single directory (virtual or
> otherwise).
>
> You can choose to make your entire website, or only a portion of your
> website (e.g. a single directory) available over SSL.
>
> However, as it stands, your question doesn't really make a lot of sense.

Since the NT4 days I've always made sites that were Root Sites, not
virtual directory sites, it was easy to lock them down, easy to keep
other sites on the server from interfering with them, easy to keep other
vendors that maintain a site from messing with the other root sites.

To make this question simple:

Are virtual directory sites as secure as root sites - from the
administrator and user and web user point of view?

--

spam999free@rrohio.com
remove 999 in order to email me
Author
24 Sep 2006 8:39 PM
Roger Abell [MVP]
"Leythos" <v***@nowhere.lan> wrote in message
news:UX9Rg.345$Cq3.183@tornado.ohiordc.rr.com...
> In article <OuaVq9u3GHA.1***@TK2MSFTNGP02.phx.gbl>,
> kenREM***@THISadOpenStatic.com says...
>> When you install an SSL server-authentication certificate, it is
>> typically
>> installed for the entire website, not for a single directory (virtual or
>> otherwise).
>>
>> You can choose to make your entire website, or only a portion of your
>> website (e.g. a single directory) available over SSL.
>>
>> However, as it stands, your question doesn't really make a lot of sense.
>
> Since the NT4 days I've always made sites that were Root Sites, not
> virtual directory sites, it was easy to lock them down, easy to keep
> other sites on the server from interfering with them, easy to keep other
> vendors that maintain a site from messing with the other root sites.
>
> To make this question simple:
>
> Are virtual directory sites as secure as root sites - from the
> administrator and user and web user point of view?
>

Perhaps you need to define your terms very carefully and clearly.
IIS has long recognized the vdir, yes, but I for one find your use
of "root sites" as something compared to (hence different from?)
"virtual directory sites" perplexing.

A website (an LM instance) has a ROOT
The ROOT has a metabase type of IIsWebVirtualDir
A web within that LM instance is either located in contiguous
storage or it is not.   I believe originally the intent was that if
the content area was to support an application boundary and
it was contiguous it was to be an IIsWebDirectory, and if not
contiguous (supporting application boundary or not) then it
was IIsWebVirtualDir
Now, I do not always find that to be how these are in fact
used, but perhaps that is due to content being moved about.

So, I do not understand you.
How is a root site not a virtual directory site?
The base of a site's root content is what it is.
Author
24 Sep 2006 8:50 PM
Leythos
In article <OczZBmB4GHA.1***@TK2MSFTNGP02.phx.gbl>, mvpNoSpam@asu.edu
says...
> So, I do not understand you.
> How is a root site not a virtual directory site?
> The base of a site's root content is what it is.

Let me explain it with a visual:

Create a new website (not a virtual site)

mydomain.com (I consider this a root site)
D:\WEB\ROOTSITE

I could have content under the same physical path, such as

mydomain.com/somefolder/some.htm
D:\WEB\ROOTSITE\SOMEFOLDER\some.htm

I could also create a vdir site located in a different folder on
the drive:

VDir site: AnotherArea
would be seen as mydomain.com/AnotherArea
Another area would be located at: R:\WEBVDIRS\AnotherArea

When I configure permissions for the root site, I have the option to pass
changes down to the Vdir sites, which may or may not change how they are
secured, or other features about them.

If I create another website, I call a root site, as follows:
anotherarea.mydomain.com
R:\WEBVDIRS\AnotherArea (I kept it the same for illustration)

I can host this site on a different server, not connected in any way to
the first server, can have different certificates, can adjust security
without any possible changes to the mydomain.com website....

I consider the root method to be more secure than the vdir method,
that's what I'm trying to get an answer for.

--

spam999free@rrohio.com
remove 999 in order to email me
Author
25 Sep 2006 12:25 AM
Ken Schaefer
Hi,

The "vdir site" you are talking about isn't really a site. It's just one
part of the parent site, which happens to be located in a discontiguous part
of the file system. You are arbitrarily calling this a "new site" based on
some criteria that you have, but it isn't really a new website - it's just a
folder located within an existing website. The same settings can be applied
(perhaps manually) to this virtual directory as with most "root sites" (as
you call them).

In terms of "security", security is not a bunch of settings. Security is
risk management. What risks do you face and how are you choosing to mitigate
them? If you only face 1 risk and you can eliminate/mitigate that risk the
same way with both a virtual directory and a root site, then both are just
as secure as each other.

Cheers
Ken


"Leythos" <v***@nowhere.lan> wrote in message
news:acCRg.1638$pq4.1567@tornado.ohiordc.rr.com...
> In article <OczZBmB4GHA.1***@TK2MSFTNGP02.phx.gbl>, mvpNoSpam@asu.edu
> says...
>> So, I do not understand you.
>> How is a root site not a virtual directory site?
>> The base of a site's root content is what it is.
>
> Let me explain it with a visual:
>
> Create a new website (not a virtual site)
>
> mydomain.com (I consider this a root site)
> D:\WEB\ROOTSITE
>
> I could have content under the same physical path, such as
>
> mydomain.com/somefolder/some.htm
> D:\WEB\ROOTSITE\SOMEFOLDER\some.htm
>
> I could also create a vdir site located in a different folder on
> the drive:
>
> VDir site: AnotherArea
> would be seen as mydomain.com/AnotherArea
> Another area would be located at: R:\WEBVDIRS\AnotherArea
>
> When I configure permissions for the root site, I have the option to pass
> changes down to the Vdir sites, which may or may not change how they are
> secured, or other features about them.
>
> If I create another website, I call a root site, as follows:
> anotherarea.mydomain.com
> R:\WEBVDIRS\AnotherArea (I kept it the same for illustration)
>
> I can host this site on a different server, not connected in any way to
> the first server, can have different certificates, can adjust security
> without any possible changes to the mydomain.com website....
>
> I consider the root method to be more secure than the vdir method,
> that's what I'm trying to get an answer for.
>
> --
>
> spam999free@rrohio.com
> remove 999 in order to email me
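
An added illustration, not code posted by anyone in the thread: a simplified Python model of IIS metabase property inheritance, using the folder layout from Leythos's example, that reports which settings a child of the site ROOT inherits, which it overrides, and whether its content sits outside the root's physical path. The metabase key paths, the property values and the `effective`, `is_under` and `audit` helpers are constructed for illustration.

```python
import ntpath

# Constructed, simplified model of an IIS metabase subtree (layout taken from
# the thread). Only explicitly set properties are stored on each key.
METABASE = {
    "/LM/W3SVC/1": {"KeyType": "IIsWebServer"},
    "/LM/W3SVC/1/ROOT": {"KeyType": "IIsWebVirtualDir",
                         "Path": r"D:\WEB\ROOTSITE",
                         "AccessSSL": True, "AccessWrite": False},
    "/LM/W3SVC/1/ROOT/somefolder": {"KeyType": "IIsWebDirectory"},
    "/LM/W3SVC/1/ROOT/AnotherArea": {"KeyType": "IIsWebVirtualDir",
                                     "Path": r"R:\WEBVDIRS\AnotherArea",
                                     "AccessWrite": True},  # explicit override
}
SECURITY_PROPS = ("AccessSSL", "AccessWrite")

def effective(tree, key, prop):
    """Walk up the key path; return (value, key_that_sets_it)."""
    while key:
        if prop in tree.get(key, {}):
            return tree[key][prop], key
        key = key.rpartition("/")[0]
    return None, None

def is_under(child, parent):
    """True if the Windows path `child` lies inside `parent`."""
    c = ntpath.normcase(ntpath.normpath(child))
    p = ntpath.normcase(ntpath.normpath(parent))
    return c == p or c.startswith(p + "\\")

def audit(tree, site_root):
    """Per child of the site ROOT: what is inherited, overridden, relocated."""
    root_path = tree[site_root]["Path"]
    report = {}
    for key, props in tree.items():
        if not key.startswith(site_root + "/"):
            continue
        report[key[len(site_root) + 1:]] = {
            "discontiguous": "Path" in props and not is_under(props["Path"], root_path),
            "inherited": sorted(p for p in SECURITY_PROPS if p not in props),
            "overrides": {p: props[p] for p in SECURITY_PROPS
                          if p in props and props[p] != effective(tree, site_root, p)[0]},
        }
    return report

if __name__ == "__main__":
    for name, row in audit(METABASE, "/LM/W3SVC/1/ROOT").items():
        print(name, row)
```

In this model a separate website would be a separate `/LM/W3SVC/<n>` key, so nothing set on the first site's ROOT reaches it; a virtual directory stays inside the parent site's inheritance chain unless each property is set on it explicitly.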