Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Configure IIS for an FTP Site - Part 4
Configure IIS for an FTP Site - Part 4 Picture 1 Configure IIS for an FTP Site - Part 1
Configure IIS for an FTP Site - Part 4 Picture 2 Configure IIS for an FTP Site - Part 2
Configure IIS for an FTP Site - Part 4 Picture 3 Configure IIS for an FTP Site - Part 3
Brien M. Posey
In this section, I will conclude the series of tutorials on how to configure FTP sites by introducing authorization and authorization to work in IIS 7.
Introduce
In this article, I have shown you how to create an FTP site so that users can access it through a secure SSL session. SSL encryption does not require anything like you can still assume. Without proper licensing mechanisms, we can still allow anonymous users to access the FTP site. In this section, we conclude this series by introducing permissions when applied to FTP sites in IIS 7.0.
Appraisal
You may not actually perform any type of authorization unless you also perform authentication.
Open Internet Information Services (IIS) Manager, and navigate in the interface tree to | Sites | . Next, double-click the FTP Authentication icon located in the middle of the interface. As you can see in Figure A, you can enable the Anonymous Authentication or Basis Authentication option. For the purposes of the article, we have enabled the Basic Authentication option. Right-click the Basic Authentication option and then select the Enable option.
Configure IIS for an FTP Site - Part 4 Picture 4 Figure A: You must enable basic authentication mode
Licensing
Licensing will set up user identity, but we need some steps to specify whether users will be allowed to access FTP sites. If the user has access to the site, the authorization will tell the user to perform the action they are trying to do.
There are a number of differences in licensing issues that are supported for FTP sites. You can perform authorization by IP address and domain or by user and group name.
Domain and address restrictions
Restrictions of domain names and addresses are often used when users access the site anonymously, but can be used in conjunction with basic authentication to provide an extra level of security. The addition of domain or IP address restrictions is very easy. With the FTP site selected, double-click the FTP IPv4 Address and Domain Restrictions icon in the center column.
When the console switches to Features View, right-click an empty area in the center pane, then select Add Allow Entry or Add Deny Entry from the shortcut menu. Both options work the same, but an option will increase access to a specific address or domain, while the other option will block access.
When prompted, simply enter the IP address or desired domain name for the rule. As you can see in Figure B, you can specify one or more IP address ranges.
Configure IIS for an FTP Site - Part 4 Picture 5 Figure B: You can create a licensing rule based on IP addresses or domains
When you look at the image above, you will see that there is no field to specify the domain name. The reason for that is that domain restriction rules will add to the server's burden because each connection will require a reverse DNS lookup to specify the domain name associated with the IP address. Therefore, Microsoft has hidden this option by default.
If you want to enable domain name rules, right-click an empty area of the Features View panel, then select Edit Feature Settings. Windows will then display a dialog box to allow you to set the default behavior for non-specific connections with Allow or Deny options. Besides controlling the FTP server's default behavior, the dialog also has a checkbox that you can use to enable domain restrictions, as shown in Figure C.
Configure IIS for an FTP Site - Part 4 Picture 6 Figure C: You can use the Edit IPv4 Addresses and Domain Restriction Settings dialog box to enable domain restrictions.
FTP licensing rules
Usually, if you are going to perform basic authentication on FTP connections, you use FTP authorization rules to control who can do what. You can access FTP licensing rules by selecting your FTP site in the IIS Manager interface, then double-clicking the FTP Authorization Rules icon in the middle pane of the interface.
When the interface switches to Features view, you can create an FTP Authorization Rule by right-clicking an empty area in the middle pane of the interface, then selecting the Add Allow Rule or Add Deny Rule.
Setting up a rule is quite simple. If you look at Figure D, you will notice that a basic rule will consist of a user or a group corresponding to the rule that will use and privilege. For example, a rule can be used for All Users, all anonymous users, specific user groups (such as Admins, Users, or Guests).
Configure IIS for an FTP Site - Part 4 Picture 7 Figure D: You must specify the user or user group, and then specify privileges
Although you can do so, it is better not to use rules for individual individuals. Managing licensing can be a concern for you. Please assign to a group or use one of the other available options.
Setting permissions is also very simple. All you need to do is choose; Read box, write checkbox or both. One thing you should keep in mind is that there are many privilege levels here. Usually, NTFS permissions are used for the directory that the FTP site is using. You have to make sure that the privileges you set up throughout IIS won't matter.
Browse the directory
However, you cannot use permission rules to control directory browsing. With that, you need to select the FTP site in the IIS Manager console, then double-click the FTP Directory Browsing icon located in the middle column.
As you can see in Figure E, you can display directory listing in MS-DOS style or in UNIX style. There is no option to disable directory work. If you want to disable directory browsing, do not assign Read permissions to users when creating permission rules.
Configure IIS for an FTP Site - Part 4 Picture 8 Figure E: You can customize directory browsing for FTP sites to make the server look like a DOS (Windows) or UNIX server
In addition to controlling folder types, you can also choose to display virtual folders, the number of bytes available in the directory, 4 numbers showing the number of years, all by selecting the corresponding checkboxes.
Conclude
As you can see from the day series, setting up an FTP site in IIS 7.0 is quite simple. The main things you need to remember are SSL encryption without authentication and authorization, and the permissions (permissions) that you set up through the IIS interface do not override NTFS permissions.
Lesley MontoyaYou should read it
- Configure IIS for an FTP Site - Part 3
- Create a Site-to-site VPN on ISA 2006 (Part 6)
- Configure IIS for an FTP Site - Part 2
- Instructions for setting up a VPN site to site model on Cisco ASA systems
- Avoid threats from the Internet
- How to Create a Link With Simple HTML Programming
- Access remote VPN client via Site to Site VPN
- Configure IIS for an FTP Site - Part 1
- Create a Site-to-site VPN on ISA 2006 (Part 4)
- Google accounts for 25% of North American Internet traffic
- Internet Explorer 10 refuses to run Flash 'bad'
- Learn about 3D Internet
Guide for Gmail users - Part 3
OpenOffice on the way 'defeated' Microsoft Office
Instructions for Gmail users - Part 4
5 tips for LinkedIn
Lessons from Google's 'sudden death' incident
Internet search business software