This section provides information about administering and configuring your Web site.
You can use Internet Services Administrator, which comes with Personal Web Server, to restrict access to your Web site by
restricting access to individual users or groups, and specifying
password encryption methods for your Web site.
You can also require users to supply a valid Windows NT user name and password. You can have the password sent by using either basic authentication or Windows NT challenge/response authentication.
With both basic authentication and Windows NT authentication, no access is permitted to secure folders unless a valid user name and password is supplied. Password authentication is useful if you want only authorized individuals to use your server. You can have both anonymous
access and authenticated access enabled at the same time.
Note
- Windows NT Challenge/Response authentication does not work with local security.
Basic authentication does not encrypt your user name and password before transmission. Basic authentication is encoded only by using base64 encoding, and can be decoded easily by anyone with access to your network or to a segment of the Internet that transfers your packets.
Caution
- By using basic authentication, you send your Windows NT user names and passwords
unencrypted over public networks. Intruders could easily learn your user names and passwords.
The WWW service also supports the Windows NT Challenge/Response encrypted-password transmission.
Windows NT Challenge/Response authentication encrypts the user name and password, providing secure transmission of user names and passwords over the Internet. It is currently supported only by Microsoft Internet Explorer version 3.0 or later for Windows 95.
Note
- Windows NT Challenge/Response authentication only works over a local area network that has at least one Windows NT domain.
Choose Difficult Passwords
The easiest way for someone to gain unauthorized access to your system is with a stolen or easily guessed password. Make sure that all passwords used on the system, especially those with administrative rights, have difficult-to-guess passwords.
Limit the Membership of the Administrator Group
By limiting the members of the Administrator group, you limit the number of users who might choose bad passwords and expose your system.
If your computer is not set up to use user-level access control, you can control access to your Web site by creating a user list on your computer.
To add users to a user list
- In Control Panel, double-click the Personal Web Server icon.
- On the Administration tab, click Administration.
- On the Internet Services Administrator page, click Local User Administration.
- To add users to the user list, click New User.
- Type a user name.
Note
- When you add users to your user list, you must supply a password for each one. Personal Web Server does not support null passwords at this time.
You can also create groups of users.
To create a group of users
- In Control Panel, double-click the Personal Web Server icon.
- On the Administration tab, click Administration.
- On the Internet Services Administrator page, click Local User Administration.
- On the Groups tab, click New Group, and then type the name of the group.
To add users to a group
- On the Local User Administration page, click the User/Group tab.
- Click a name in the list of users, click a name in the list of
groups, and then click Add User To Group.
Notes
- If your computer is set up to use user-level or share-level security, you cannot use a user list to restrict access to your Web page.
You can also restrict access to your Personal Web Server folders on a per-folder basis. You can set a
folder to be read-only, or allow users to run scripts in that folder, or both.
To restrict access to a folder
- In My Computer, right-click the folder you want to restrict access to, and then click
Sharing.
- Click Shared As, and then click Web Sharing.
- Select the Share Folder For HTTP check box.
To make the folder read-only, click Read-Only.
To allow users to run scripts from pages located in that folder, click Execute Scripts.
You can track access to your Web site by using log files.
To enable logging
- In Control Panel, double-click the Personal Web Server icon.
- On the Administration tab, click Administration.
- On the Internet Services Administrator page, click WWW Administration.
- On the WWW Administration page, click the Logging tab.
- Select the Enable Logging check box, and make the changes you want.
The log file is named Inetserver_event.log. If you do not specify a log file directory on the
Logging tab, the file is stored in your Windows folder.