IIS Directory Access
Nov 4, 2008How do I do this in IIS
I need to be able to access resources such as PDFs, videos from my website once a user has logged in but I need to block users being able to access the resources from a url?
How do I do this in IIS
I need to be able to access resources such as PDFs, videos from my website once a user has logged in but I need to block users being able to access the resources from a url?
Ok, here's the deal. I am about to start a site to allow users to log into a password protected area and then, based on each individual user, they will be given access to a .pdf file which contains pricing and rate information that is specific to the particular user.
What is the best way for me to secure the location so that a person could not go to - for instance - www.site.com/docs/xxx.pdf and view someone else's file?
I am using a Win Server 2003/IIS 6 environment. The site will be written in php, and will have a SQL Server 2000 backend to store the userid/pwd combinations, and the name of the particular user's file. I know to make it where the contents of the directory can't be listed, but I need to make sure a person could not quess the filename of another users .pdf and be able to view it.
How to restrict directory access by IP address using .htaccess?
AS i know the code must be like this
Code:
Order Deny,Allow
deny from 111.111.111.111
Now the questions
1. how to restrict access by IP-subnet?
Does such code right ?
Code:
Order Deny,Allow
deny from 111.111
2. how to restrict multyple IPs?
Code:
Order Deny,Allow
deny from 111.111.111.111, 222.222.222.222, 333.33.33.33
?
ive got a flash music player that gets its tracks from a dedicated directory on my server. there's about 10GB of music in there (we own it) and i want to stop people getting at the files (they can see the path in the source of the page that has the flash player).
i tried an htaccess directive that stops listing the directory contents but that obviously wont work. what is the best & most secure strategy to achieve this, blocking all ip addresses apart from my server's?
I'm trying to control download access in a particular directory. I don't want to hide the directory behind a password.
What I am looking to do is to permit access to the files to people who have clicked on my download link only (referrer). Direct links, and hot links to be denied.
I can disable hot linking easily enough via .htaccess. But I'm not savy enough to pull off referral only access.
We currently have a site hosted on a dedicated server, and we use Ensim to manage the site.
Although we can use Ensim to FTP, we mainly use Dreamweaver or other FTP clients to FTP.
What we are wanting to do, is set up and FTP user, so that they can only have access to certain directories. Is this possible? If so, what would I need to do?
Also, when they connect via an FTP program (assuming that the access has been set up as desired) will they only be able to see those directories specified?
I have a set of confidential files that I want to make accessible over the internet to members overseas.
Members will access the file links on a secure web application.
I want to restrict access to the files so that they only open when the user clicked them from the web application. ie. if they paste the url into a browser it should not open the file.
I managed to do this in Apache, but I need to do it in IIS - is it possible?
Is there anyway to set up a Group that only has access to one virtual directory and nothing else on the server? Running IIS 6.0 on Windows 2003.
View 1 Replies View RelatedFollowed the guide over at [url]to get proftpd setup.
It only lists ways to create a single upload directory and a single download directory.
Tried all possible ways to get a directory creating allowing read/write but so far unsuccessful.
how this can be acheived?
Here is my current config.
#start of config
<Directory /home/FTP-shared>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory /home/FTP-shared/download/*>
Umask 022 022
AllowOverwrite off
<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>
DenyAll
</Limit>
</Directory>
<Directory> /home/FTP-shared/upload/>
Umask 022 022
AllowOverwrite on
<Limit READ RMD DELE>
DenyAll
</Limit>
<Limit STOR CWD MKD>
AllowAll
</Limit>
</Directory>
#end of config
/home/FTP-shared/read-write is the folder I want to be able to read and write data to.
in wordpress is wp-includes folder, i dont want anyone just execute file from this directory so it just serve wordpress not any malicious file be executed from there,
so i added this rule into /wp-includes/.htaccess:
RewriteRule ^(wp-includes)/.*$ ./ [NC,R=301,L]
I have recently switched from Ubuntu to Mint because I would like to enjoy out of the box functionality. I installed Apache, PHP and Mysql. When I go to localhost, the page displays correctly indicating that the server is functioning. In /var/www/html I created devPages. In devPages I created a symlink to a directory in my home directory where I keep all of my html/php files.
When I point my browser to http://localhost/devPages/1/ I get "You don't have permission to access /devPages/1/ on this server". This appears to be a permissions/ownership issue. I don't want to change the permissions for the directory or files in the home directory because they are set to work properly on my production server. Is there a way to get apache to accept files in my home directory?
I have set owner and group for devPages and the symlink to www-data. Set permissions to 755 for devPages.
By the way, under Ubuntu, I have always used a symlink and it always worked without any issues.
I seem to have an error with backing up to my personal FTP repository. I have only just noticed the issue, but i believe it originated when I upgraded Plesk Panel 11 to Plesk Panel 12. I am currently running version 12.0.18 on Cent OS 6.5.
Note whether i check the "Use passive mode" option makes no difference to my problem.Below is what I get from the panel.log under /usr/local/psa/admin/logs
Code:
[2014-11-20 19:49:44] ERR [util_exec] proc_close() failed
[20-Nov-2014 19:49:44 UTC] PleskUtilException: '/usr/local/psa/admin/bin/pmm-ras' '--check-repository' '--dump-storage=ftp://USERNAME@IPADDRESS/MYFTPDIRECTORY/' '--use-ftp-passive-mode' failed with code 121.
stdout:
Transport error: unable to list directory: Curl error: Access denied to remote resource
stderr:
file: /usr/local/psa/admin/plib/Service/Agent/Transport/Local/Exec.php
line: 57
code: 0
trace: #0 /usr/local/psa/admin/plib/Service/Agent/Transport/Local.php(60): Service_Agent_Transport_Local_Exec->process(0, Object(Service_Agent_Command_Exec), Object(Service_Agent_Transport_LocalTransaction))
[code]....
I have a situation like this:
There is a directory say, "Master" and inside, "Master" there is sub-directory, "Slave". A user who has access to, "Master" should be able to access, "Slave" automatically. However, a user who has access to, "Slave" should not have access to, "Master". Inside cPanel this type of protection is not possible.
How do I direct my httpd file to point to:
home/USER/public_html
instead of:
C:Users estetc...
I want to do this to make my test server just like the remote server.
I want to move the entire contents of a directory tree to another directory.
So for example we may have a directory with 15 directories inside, each directory contains files itself. I want to copy all the files from the directory tree into another directory located somewhere else one the file system. I want only the "files" to end up in the other directory and not the file structure too.
Im running CENTOS latest version.
How can I allow only one ip or a list of ip addresses to access port 8443.I need to limit access this port to few ip addresses and not everyone
View 6 Replies View RelatedI found a great little app called ID Shutdown Manager which bascially lets you do stuff like wake on LAN, Shutdown, Log Off etc.
The App also has a cgi script which you can call from a web server so you get a web interface to the program.
This is exactly my reason for getting the app as I just wanted to host a web page where I could login from the internet and wake on lan my media PC.
Ok so...
The app gives you all the iis or apache setup instructions and tells you to place the cgi script which is actually a .exe into the scripts folder and then enable basic authentication for it.
Done.
So if I navigate to <SERVER>/scripts/sdmancgi.exe its supposed to give me a user / pass prompt and then when login successful I see the app and can wake on lan etc.
ok I have got this to work
on the actual machine where server is running I can access it in IE7 by localhost etc.. and it works
However when I try to access from another PC in my lan by typing <SERVER>/scripts/sdmancgi.exe I get a nice little message saying the content cannot be displayed you may require to insall a program or something to display it.
If I try to access the page from firefox on same remote PC, it works!
I can also access page from outside my LAN, it works on my N95 browser.
Also I have had friends try it from firefox from the Internet and they say it works as well.
Forgot to mention I am running on port 8081 as I already have other servers running on 8080 and 80 (one is my router and the other server installed itself from setup.exe and I dont know what server its using)
I have also tried latest apache server as well as some other free one. Both have the same effect. Ok in firefox, not in IE.
One would think its a problem with the cgi file not compatible with IE7 however, I even tried to go to default page setup in IIS <SERVER>:8081 and I get the same message. So at this point the server hasnt even tried to access CGI or prompt for Basic Authentication.
I tried googling and not much luck. I read something about CSS and when I view source of failed web page from IE7 it mentions something about CSS so dont know if this is it?
I'm having trouble with a vps and the ips won't ping and can't connect via ssh.
I can via hypervm console when I run apt-get update but it doesn't download anything.
I have successfully installed dns only to my vps. the problem is when i try to add it to the cluster system on my other vps it asks for a remote access key, so i visit both ip:2087/scripts/setrhash and ip:2086/scripts/setrhash and it shows an unable to connect error in firefox.
this is both using [url]
does anyone know how i can access the remote access key?
I have windows servers that I'll be co-locating very soon. I have purchased a Dell 2161ds-2 and an APC remote boot power strip. Could someone please tell me the best way to secure remote access to these products. Do I put them on public IP's and allow them through the firewall or do I put them behind the firewall and access them after I authenticate through the firewall.
View 6 Replies View RelatedWhich files could I safely delete/archive from the usr directory? Also, what is the command to list each subdirectory's size?
View 8 Replies View RelatedIf we want to Create output of "Tar" a directory ; to different server, how can we do that ?
I tried this command, but it does not works
tar -cvf oldserverzip.tar /directory | ssh newserver@newserver.com
Basically, what we want is to shift a site "dump" to another server, without creating a copy at source server (as there is no space available there to create a "dump")
Cpanel 11
Fedora
Is there any particular reason or advantage to having SSL files load from a different directory than the http files load?
for instance the http home files are in
/home/domain
is there any reason that an index.html (unsecure file) would need to redirect secure files from a directory?
how I go about unlocking my bin directory and making it writable again. I tried to do installworld with the latest freebsd release and as soon as it gets to the bin directory I get a permissions denied error. I looked at the permissions and ownership compared to another freebsd box and they all look the same. I tried to create a file by using touch just to test it and I received permission denied error.
View 3 Replies View RelatedI want to have a directory that i want to set up so you can only a script can see files in a directory. They will be getting the file names from the database, i have turned off directory browsing. I have also set up a Robots.txt and stopped robots from scanning the directory. Is there anything else i can do?
Also is there and software that allows you to download an entire site. Even if it is gigs of content. If so, how do i set it so it will stop that from happening. I am on linux. Centos running Cpanel.
I know that /www is an alias (symlink) for public_html, but I came across an account with virtual_html. Is there a difference between virtual_html and public_html?
And while I assume secure_html is for secure files, how does it tie in?
I'm trying to use SSH to delete a directory. It won't delete via FTP.
I've tried variations of the below but nothing seems to work;
rm -f [folder]
rm /-f [folder]
the directory that should be deleted is test.crossroadsclub.net, so I use that as the folder.