Question : IIS6 security/user permissions for multiple websites

I currently have an IIS6 server with just one website configured using the default iusr_machine account. I now want to add a second website but I'm not sure if they should both be using the same iusr_ account, for example if someone managed to gain access one website would they then be able to access the other site as well?

If so how do I create separate accounts for each site?

Answer : IIS6 security/user permissions for multiple websites

Your best bet will be to set the application pool identities to seperate accounts, for each website.

The IUSR account will make the initial hit on the website, and when it calls the asp/asp.net page, a mixture of the ASPNET local account and the application pool identity are used to execute the script.

You can then restrict each website or location to where the scripts/files reside to the specific account you set the application pool to run under.

This should then prevent any possibility of website A accessing or executing any object in Website B's folder, as it won't have rights.

Random Solutions

Delete from Access form certain records in a table that relate to another table's field

How can I enable a template item accoding to query result ?

set system date and time from other PC

My outlook has 4 email accounts and I receive a copy per account, I need to receive 1 email, not 4

Subtract number and pad as 3 digits in Oracle 9i

Search Barcode in Table After Scanned into Text Field

store procedure Vs. Triggers

Windows 7 Backup

Another auto-Complete question for a combobox in an Access form