in

Dotnetpanel Forums

Community support forums for DotNetPanel products
Dotnetpanel Forums » Web Hosting » Windows Administration » Restrictive ntfs permissions for webhosting

Restrictive ntfs permissions for webhosting

Last post 02-19-2008 1:40 AM by danielh. 2 replies.
Page 1 of 1 (3 items)
Sort Posts: Previous Next

  • 02-15-2008 6:13 AM

    Restrictive ntfs permissions for webhosting

    Reply Contact

    Hello

    I have been searching everywhere for detailed information about restrictive ntfs permissions for webhosting. A default installation of windows 2003 server and DotNetPanel is very "open" due to the users group containing "authenticated users" and thus making "dnpwebusers" a member of the users group. Furthermore the users group have (per default) read/list permissions on root drives aswell as "program files", "windows", "system32" and other folders.

    On a typical webhosting server there is also a lot of different components such as dotnet v1.1/2.0, php 4/5, asp, frontpage addons and random libraries for handling uploads, smtp mail, image resizing etc. Its important to keep this in mind while redesigning permissions.

    My question goes out to the DNP community, is there anyone with a template on how you can lock down your webhosting server using minimum permissions available while still being able to provide the typical services?

    Regards

    Daniel 

  • 02-15-2008 12:34 PM In reply to

    Re: Restrictive ntfs permissions for webhosting

    Reply Contact
    Check out the The Microsoft Solution for Windows-based Hosting version 4.5. They have very detail guidance, templates and tools for securing your hosting servers. You may need to modify some of their recomendations to fit your network but it is a very good reference. http://www.microsoft.com/technet/serviceproviders/wbh4_5/default.mspx?mfr=true http://www.microsoft.com/downloads/details.aspx?FamilyId=D6EF5386-0F76-4F58-A6C6-1FE7B5BE56CA&displaylang=en
    Greg Brewer
    Vowire LLC

  • 02-19-2008 1:40 AM In reply to

    Re: Restrictive ntfs permissions for webhosting

    Reply Contact

    Hello

    I have checked out their templates and while most of it where already known and common sense there was some goodies aswell. However, I cant seem to find any information about how to secure folders outside of the hosting directories, for example c:\windows, c:\windows\system32 etc. Neither can I find any information or recomendations about asp.net v1.1/v2.0/v3.x. I know medium-trust is to recomend on v2.0 but how about v1.1 and v3.x? I have not been able to test it myself but I hear medium-trust is too restrictive to be able to run most sites on these versions? My primary concern is read/list rights on windows directories though.

     

    Regards

    Daniel
Page 1 of 1 (3 items)
Powered by Community Server (Commercial Edition), by Telligent Systems