Controlling Access to Applications in IIS 6.0
Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
You can control which users and computers are allowed access to your Web server and its resources. You can use both the NTFS file system and Web server security features to assign users specific access rights to directories and files. You can also use IP address restrictions to limit access by specific computers.
Best Practices for Securing Files with NTFS Permissions: With the NTFS file system, you can limit access to your Web server's files and directories. You can configure the file and directory permissions that set the access level assigned to a particular user account or user group. For example, you can configure your Web server to enable a specific user to view and execute a file, while excluding all other users from accessing that file.
Securing Sites with Web Site Permissions: Web permissions, unlike NTFS permissions, apply to all users accessing your Web sites. NTFS permissions apply only to a specific user or group of users with a valid Windows account. NTFS controls access to physical directories on your server, whereas Web permissions control access to virtual directories on your Web site.
Securing Sites with IP Address Restrictions: With IP address restrictions, you can configure your Web server to assign or deny specific computers, groups of computers, or domains access to Web sites, directories, or files. For example, if your intranet server is connected to the Internet, you can prevent Internet users from accessing your Web server by assigning access only to members of your intranet, and explicitly denying access to outside users.