Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Anonymous Web Access config

Status
Not open for further replies.
split63

split63

Technical User
Jul 9, 2007
25
US

What is the right way to configure anonymous access to a website. Currently I have anonymous access set and I'm using the administrator user name and password to grant access. I can't help but feel this leaves the site vulnerable.
So I have tried changing this anonymous access to IUSR_Machine and everytime I try, the site fails. The only way to make the site function, is to put back the admin ID/Password.

Oddly enough, I have a second site on the same server and it is using IUSR_machine and it works fine. When I look at the permissions, IUSR_machine is not even on the list. Yet it still works for this second site.
I suspect there is a hole in my understanding in the Security settings under properties and the permissions settings.
 
Sort by date Sort by votes
Try giving the actual Inetpub directory the rights for IUSR_Machine as well as in the IIS manager. That might be redundant but worth trying.
 
Upvote 0 Downvote
SuperJenks,

As per your suggestion, I just tried that. No luck. The website only functions when I set anonymous access using the adminstrators username/password.
 
Upvote 0 Downvote

Friends,

I could really use your help here. We are being hacked into daily. What ever this security hole is, it is apparently obvious to all, but not to me.

They are able to come in and change the contents of web pages.

Thanks,
 
Upvote 0 Downvote
First thing i would try is to backup your web content, then uninstall IIS and reinstall it. You dont state how many websites you have on the IIS server so im guessing you are just running in the default website which is why i suggested what i did. If my assumption is wrong, update us with the correct info.

RoadKi11
 
Upvote 0 Downvote
Strictly speaking....I had three websites. The default, Web1 and Web2. I deleted the default and made web1 effectively the default. So the server has two web sites; web1 and web2. Web1 is the one that will not work unless I use the Admin ID/Password to grant anonymous access.

 
Upvote 0 Downvote
Ive seen this in a different thread somewhere. The guy ended up deleting the problem site and recreating it. Did you try creating a web3 and copy your content in to that site and testing it? if that works you could then delete web1 and rename web3 to web1.

just a thought,

RoadKi11
 
Upvote 0 Downvote
Roadkill.

I uninstalled, then re-installed IIS, that fixed it.

Thanks,

Bruce
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
268
Aquiles Vidal
Aquiles Vidal
DeepuM
  • Locked
  • Question
Web Response returned Web Exception : The underlying connection was closed error | Simphony & QS
Replies
0
Views
173
DeepuM
DeepuM
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
126
hairlessupportmonkey
hairlessupportmonkey
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
450
mangentle
mangentle
iCDT
  • Locked
  • Question
Remote Desktop Web Access ( No application available)
Replies
2
Views
118
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top