Access Control with IIS 6.0

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

You can control which users and computers are allowed to access your Web server and its resources. You can use both NTFS and Internet Information Services (IIS) security features, such as Web permissions and IP address restrictions, to specific access rights to Web sites, directories, and files.

This section includes the following information:

• Securing Files with NTFS Permissions: Describes how to use NTFS permissions to secure the files and directories that comprise your Web site.

• Securing Sites with Web Site Permissions: Describes how to set Web permissions to protect your Web content.

• Allowing Anonymous Access to Web Sites: Describes how to set up an account for anonymous access to Web sites.

• Configuring Worker Process Identities: Describes how to configure the worker process identity so an application can run with the appropriate access rights for your Web server.

• Securing Sites with IP Address Restrictions: Describes how to prevent specific computers, groups of computers, or entire networks from accessing your Web content.

• Securing Virtual Directories: Describes how to secure virtual directories.

Related Information

• For information about FTP user isolation, which prevents users from viewing or overwriting other users' Web content, see Isolating FTP Users.

• For information about configuring content rating features to warn users about objectionable Web content, see Using Content Ratings.

• For information about configuring your Web server's Secure Sockets Layer (SSL) security features, see Configuring SSL on a Web Server or Web Site.