Hi all, In time i have developed a way to "sort of" secure the FTP accounts of a shared hosting server. But what i do is securing by hiding information which i think is not the way to do it. This is what i do: I make local users with only list permissions on
the FTP root. In the FTP root i make subdirs with the same name as the user so whenever the user logs on over FTP he immediately goes down into his FTP dir. To prevent that the user does a cd .. and sees all the other FTP accounts, i hide the FTP dirs. If
the user does a ls -a, he can still see the hidden dirs as well. I think it would be good that IIS's FTP could make FTP homedirs instead of the "patch-way" of configuring that i have to do now. Maybe it's my lack of knowledge of IIS's FTP, but i think there
need to be other ways to have multiple FTP accounts in a secure way in a shared hosting server. Any suggestions? Ton.
If you are using IIS 6 you can enable per user root directories via the “User Isolation” method. There is great documentation on how to do this in the Shared Web Hosting Deployment Guide at: https://members.microsoft.com/serviceproviders/webhosting/sharedhosting/sharedhosting.htm
The actual documentation on how to use “User Isolation” with FTP is here: https://members.microsoft.com/serviceproviders/webhosting/sharedhosting/Configuring_FTP_User_Isolation_with_Active_Directory_(Recommended).htm Thanks
Technical Account Manager
Microsoft Communication Sector North America
This posting is provided "AS IS" with no warranties, and confers no rights. Script samples are subject to the terms at http://www.microsoft.com/info/cpyright.htm"
User isolation is the way to go. (Get IIS 6), but this only concern on server access security. To Secure IIS FTP, you need to secure the connection as well. refer Information About the IIS File Transmission Protocol (FTP) Service http://support.microsoft.com/?id=283679
Fabeltjeskra...
Member
5 Points
1 Post
IIS FTP secure. How?
May 07, 2004 08:51 AM|LINK
mikemil
Member
190 Points
38 Posts
Re: IIS FTP secure. How?
May 07, 2004 05:53 PM|LINK
Program Manager
Microsoft Solutions for Windows-based Hosting
WBH 3.0 - Http://www.microsoft.com/hosting
jjstreic
Contributor
2545 Points
507 Posts
Re: IIS FTP secure. How?
May 10, 2004 11:39 AM|LINK
Microsoft Communication Sector North America
This posting is provided "AS IS" with no warranties, and confers no rights. Script samples are subject to the terms at http://www.microsoft.com/info/cpyright.htm"
qbernard
Star
12911 Points
2132 Posts
Moderator
MVP
Re: IIS FTP secure. How?
May 14, 2004 03:59 AM|LINK
Bernard Cheah