Hi There. I have recently inherited a fairly large shared web hosting platform, which, amo other features, allows customers to place access databses in their web sites, and then read / write data to them via DNS / Dsn-Les connections. However, a security problem became apaprent to me: If an...more >>

Hi guys I need help. I created a web application for my intranet. I'm using a dsn connection. The applications works fine when the database resides in the same server as the IIS. when I change the dns to point to the same mdb file over to my database server I get the following error Micro...more >>

We have an ActiveX CAB file that is part of an Active Server Page web-based application. It worked fine on Server 2000 both in HTTP and HTTPS. On migrating it to Server 2003, it still works on HTTP however it will not download under HTTPS to the browser. The browser is IE 6.0 and has be...more >>

I think I've got everything set up in IIS for using IIS 5.0's password change scripts. However, when I submit a form I get the following error: Error: An invalid Active Directory pathname was passed Debugging the scripts a little, what I find is that none of the request.form field values a...more >>

I've learned that it is possible to create a database for iis 5.0 & have all server logs (or most) to be saved to automatically. Does anyone know how to do this? Thanks MikeSt...more >>

I like to secure my ASP with either a username and password or a client certificate. Therefore I have set "require SSL" and "accept client certificates". However, my script fails for the first document that I send if I use a username and password. The error on the client is: "There is a se...more >>

Hi, I have a client with w2k (IE 6) and a Windows 2003 server (with IIS 6.0). I would like to setup IIS 6.0 to authenticate the users trying to access to a web page. I'd like to use kerberos v5. During the IIS setup, I enabled "Integrated Windows authentification". But each time I go to ...more >>

how to restrict sites to users who use internet in the network...more >>

Hello all. I have a quick question about pop up ads. I am kind of new to the personal computer era. Every time i flex a muscle i get pop up ads!! i mean 15-60 at a time sometimes! how can i stop this madness?? Thanks alot....more >>

May I in IIS to disable oportunity for someone to download all my pages in web site with WinZip, TeleportPro, atc? I wanna to those pages be visible, but not to someone download them in whole. Thank you!...more >>

Hi everyone, I would like your help on the following: My web page was defaced by someone known as daark phyber, and I don't know how to put it working again. Please help me. ...more >>

I recieved an N-case alert does anyone know what this alert is ...more >>

We have an Nfuse webserver that is using IIS 5.0. We've installed the SSL certificates to run the webpages through an https connection but when we do a netstat -a, we still see the http port listed as active. It doesn't have any foreign connections, it just seems to be connected to localhost on...more >>

Hi, i was able to get my SSL on port 443 to run just fine. But on setup i found i cant remove port 80 from the side or at least have some kind of port nbr there. I want to disable that users can view content without using SSL. I know i can do that with using a port other then 80 and then ...more >>

Hi I get this message when I set my virtual directory to access the computer as I_USR even though I have given I_USR execute and read permissions on the folder with my ASP scripts. If I set my virtual directory to access the computer as another user who is a member of administrators an...more >>

Hi everyone, I am planning to deploy either Windows2000+SP4+IIS5 or Windows2003+IIS6 on the internet, I would like to know what are the security patches for IIS that I need to load before putting the server online ? or anyone can provide me a link or white paper regarding this. Thanks in ad...more >>

I am trying to enable the IISADMPWD virtual directory so users can change passwords when they are required. I am not using the Default Web Site, but a different site. I have implement all of the instructions that I have found, but the site does not allow an account that is set to change pa...more >>

Greetings, I'm trying to limit web developers to only having admin access in IIS6. Seems they have to be in Admin group on Server 2003 to even open IIS6 console. Any suggestions on if I can create a group and assign a specific ACL for admin access is IIS6 only? Thanks, Brian...more >>

Where can I find information about securing a virtual directiry using NTSF permissions to that virtual directory. The "connect as" overrides my desired behavior. If I create a directory on the IIS server and assign it NTSF permissions it behaves as expected, only those granetd permis...more >>

Hi all, I am getting ready to bring a new server online to the Internet to host our website. Yesterday I was going thru a security article on IIS 5.0. I also ran the IIS Lockdown tool, although I cancelled out before it finished. I guess you could say I "chickened out" before it was done. ...more >>

I have removed those users whome I wish to deny Internet access from the BackOffice Internet Users Global Security Group, but they Still have access???...more >>

We have been using a crossword applet for quite a while - it has performed very well ... until we upgraded to Windows 2003 Server. Now the Applet doesn't work - it loads ok, but it can't read a data text file on the server. The only way it can work, is if the HTML page calling the app...more >>