DiscountASP.NET Support Portal
Language
 
Home>Knowledge Base>Windows 2008/IIS 7>General questions>Password protecting directories in IIS 7
Information
Article ID398
Created On11/24/2008
Modified8/6/2009
Actions
Share With Others
Password protecting directories in IIS 7
In IIS7 password protection is achieved by removing anonymous user access to a directory. There are two ways to accomplish this.

The first is manual password protection. Add following into the web.config file in the directory that you wish to protect:

<configuration>
  <system.webServer>
    <security>
      <authorization>
        <add accessType="Deny" users="?" />
      </authorization>
    </security>
  </system.webServer>
</configuration>


To allow additional users to access the site, you must grant the user access in the Permission manager in the DiscountASP.NET Control Panel.

The second method is to use the IIS 7 Manager. The IIS 7 Manager is a program that is installed on your computer and is used to do some maintenance and configuration tasks in IIS 7. We recommended the IIS 7 Manager for use by experienced developers only.
  • Add the primary user to the allowed IIS Admin user list in the DiscountASP.NET Control Panel (IIS Tools)
  • Connect to the site
  • Navigate to the directory you want to password protect in the left pane
  • Double click "Authorization Rules" in the right pane
  • Click "Add Deny Rule"
  • In the pop up dialogue box, select "All anonymous users"
  • Click "OK"
  • Note that this action will add some entries into your web.config file
 
Management Interface
SmarterTrack Enterprise 4.6 | Customer Service Software | © 2010 SmarterTools Inc.