Managing WebDAV Security

This section describes the recommended best practices for setting up secure remote publishing. You will learn how to protect your server and content by coordinating different aspects of security into an integrated whole. These aspects of security include:

Authenticating Clients

IIS offers the following levels of authentication:

The best way to configure a WebDAV directory depends on the kind of publishing you want to do. When you create a virtual directory through IIS 5.0, Anonymous and integrated Windows authentication are both turned on. Although this default configuration works well for clients connecting to your server, reading content on a Web page, and running scripts, it does not work well with clients publishing to a directory and manipulating files in that directory.

Anonymous access grants anyone access to the directory, and therefore, you should turn it off for a WebDAV directory. Without controlling who has access, your directory could be vandalized by unknown clients. For more information, see Anonymous Authentication.

Basic authentication sends passwords over the connection in clear text. Because clear text can easily be intercepted and read, you should turn on Basic authentication only if the connection is encrypted with Secure Sockets Layer (SSL). For more information, see Basic Authentication and Setting Up SSL on Your Server.

Integrated Windows authentication works best when you are setting up a WebDAV directory on an intranet. For more information, see Integrated Windows Authentication.

Digest authentication is the best choice for publishing information on a server over the Internet and through firewalls. For more information, see Digest Authentication.

Controlling Access

This section describes how you can control access to your WebDAV directory by coordinating IIS 5.0 and Windows 2000 permissions, and how you can protect your script files.

Setting up Web Permissions

This section recommends various ways to configure Web permissions based on the purpose of the material you are publishing.

For more information about Web permissions, see Setting Web Server Permissions.

Controlling Access with DACLs

When setting up a WebDAV publishing directory on an NTFS file system drive, Windows 2000 Server gives the Everyone group Full Control by default. Change this level of permission so that Everyone has Read permission only. Then grant Write permission to the specific individuals or groups that need to publish.

For more information about NTFS permissions, see NTFS Permissions.
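As an added example (not part of the IIS documentation), the following Python script applies the rule above to the DACL of a publishing directory: it parses the output of the icacls command (a later Windows tool, assumed here; the sample output is constructed) and flags any entry that gives the Everyone group, or a principal not on the approved publisher list, write-capable rights.

```python
import re

# Well-known broad groups that should be limited to Read on a publishing directory (assumed list).
BROAD = {"everyone", "builtin\\users", "nt authority\\authenticated users"}
# Simple and specific icacls rights that allow changing or deleting content.
WRITE = {"F", "M", "W", "D", "WD", "AD", "WA", "WEA", "DE", "DC", "WDAC", "WO", "GA", "GW"}
INHERIT = {"OI", "CI", "IO", "NP", "I"}
ACE_RE = re.compile(r"^\s*(?P<who>.+?):(?P<rights>(?:\([^)]*\))+)\s*$")


def parse_icacls(path, output):
    """Return [(principal, rights)] from `icacls <path>` output; deny ACEs are skipped."""
    aces = []
    for line in output.splitlines():
        if line.startswith(path):          # icacls prefixes only the first ACE with the path
            line = line[len(path):]
        m = ACE_RE.match(line)
        if not m:                          # blank lines and the "Successfully processed" trailer
            continue
        tokens = re.findall(r"\(([^)]*)\)", m.group("rights"))
        if "DENY" in tokens:               # a deny entry never grants anything
            continue
        rights = set()
        for tok in tokens:
            if tok not in INHERIT:
                rights.update(r.strip() for r in tok.split(","))
        aces.append((m.group("who").strip(), rights))
    return aces


def audit_dav_acl(path, output, allowed_writers):
    """Flag ACEs that let broad groups or unapproved principals write to the directory."""
    allowed = {a.lower() for a in allowed_writers}
    findings = []
    for who, rights in parse_icacls(path, output):
        if not rights & WRITE:
            continue
        if who.lower() in BROAD:
            findings.append(f"{who} has write-capable rights {sorted(rights)}; reduce to Read")
        elif who.lower() not in allowed:
            findings.append(f"{who} can write but is not an approved publisher")
    return findings


# Constructed sample of `icacls C:\inetpub\dav` output, not a real capture.
SAMPLE = """C:\\inetpub\\dav Everyone:(OI)(CI)(F)
               BUILTIN\\Administrators:(OI)(CI)(F)
               NT AUTHORITY\\SYSTEM:(OI)(CI)(F)
               CORP\\DavPublishers:(OI)(CI)(M)

Successfully processed 1 files; Failed processing 0 files
"""
```

Run audit_dav_acl("C:\\inetpub\\dav", SAMPLE, [...]) with your approved publisher list; on the sample it reports the default Everyone:(F) entry that the text says to reduce to Read.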

Protecting Script Code

If you have script files in your publishing directory that you do not want to expose to clients, you can easily deny access to these files by making sure Script source access is not granted. Scripts include files with extensions that appear in the Applications Mapping list. All other executable files will be treated as static HTML files, including files with .exe extensions, unless Scripts and Executables is enabled for the directory.

To allow .exe files to be run rather than downloaded and viewed as HTML files, change the Execute Permissions on the Virtual Directory property sheet of the publishing directory to Scripts and Executables. This level of permission makes all executable files subject to the Script source access setting. In other words, if Script source access is selected, clients with Read permission can see all executables, and clients with Write permission can edit them as well as run them.

With the following permissions, clients can write to an executable file that does not appear in the Application Mapping:

With the following permissions, clients can also write to an executable file:

Denying Service

Dragging and dropping extremely large files into a WebDAV directory could take up a large amount of disk space. To limit this amount, you can set a quota on disk usage. To learn more about disk quotas, see “Disk Quotas Overview” in the Windows 2000 Server documentation.

For more information about security, see IIS Security Checklist.


© 1997-1999 Microsoft Corporation. All rights reserved.