Windows system >> Computer software Tutorial >> Server technology  >> About the server

Server Security Settings Tutorial: Hard Disk Permission Settings

  
Here we focus on the required permissions, that is, the permissions required for the final folder or hard disk, to protect against various Trojan attacks, escalation attacks, cross-site attacks, and so on. After many experiments in this example, the security performance is very good, and the server is basically not worried about being threatened by Trojans. Hard disk or folder: C:\\ D:\\ E:\\ F:\\ Analog main permission part: Other permission part: Administrators full control no
If other operating environment, such as PHP, is installed, according to PHP environment function Require permission to set the hard disk permissions, generally the installation directory plus users to read the run permissions is sufficient, such as c: \\ php, in the case of root directory permissions inheritance plus users read run permissions, need to write data For example, the tmp folder, the user write and delete permissions, do not run permissions, and then the virtual host user's read permission can be denied. If it is mysql, it is safer to run MYSQL with a separate user, as described below. If it is winwebmail, it is best to establish a separate application pool and independent IIS users, then the entire installation directory has read/run/write/permissions for users, IIS users are the same, this IIS user only uses WEB access in winwebmail In the other IIS sites, do not use the server hard disk permission settings installed with winwebmail. The folder, subfolders and files are not inherited. CREATOR OWNER completely controls only subfolders and files. >SYSTEM completely controls the folder, subfolders and files <not inherited> Hard disk or folder: C:\\Inetpub\\ Main permissions section: Other permissions section: Administrators have full control of this folder, subfolders And the file < inherited from c:\\>CREATOR OWNER completely controls only subfolders and files<inherited from c:\\>SYSTEM completely controls the folder, subfolders and files<inherited from c:\\> Hard disk or folder: C:\\Inetpub\\AdminScripts Main Permissions section: Additional Permissions section: Administrators have full control of this folder, subfolders and files <not Inherited >SYSTEM completely controls the folder, subfolders and files <not inherited> Hard disk or folder: C:\\Inetpub\\wwwroot Main Permissions Section: Other Permissions Section: Administrators Full Control IIS_WPG Read Run /List folder directory /read the folder, subfolders and files the folder, subfolders and files <not inherited><not inherited>SYSTEM Full Control Users Read Run/List Folder directory /read the folder, subfolders and files The folder, subfolders and files <not inherited><not inherited> Here you can add the virtual host user group to
Same permissions as Internet Guest Account
Deny permission Internet Guest Account Create File/Write Data/: Reject
Create Folder/Additional Data/: Reject
Write Attribute/: Reject
Write Extended attribute /: Reject
Delete subfolder and file /: Reject
Delete /: Reject the folder, subfolders and files <not inherited> Hard disk or folder: C:\\Inetpub\\ Wwwroot\\aspnet_client Main Permissions: Other Limit section: Administrators completely control Users to read the folder, subfolders and files of the folder, subfolders and files <not inherited><not inherited>SYSTEM completely control the folder, subfile Folder & file <not inherited> Hard disk or folder: C:\\Documents and Settings Main permission section: Other permissions section: Administrators have full control of this folder, subfolders and files <not inherited>SYSTEM Full control over the folder, subfolders and files <not inherited> Hard disk or folder: C:\\Documents and Settings\\All Users Main Permissions section: Additional Permissions section: Administrators fully control Users to read and run the file Folders, subfolders and files The folder, subfolders and files <not inherited><not inherited>SYSTEM completely controls the permissions of the USERS group only to read and run,
absolutely cannot Plus write permissions to the folder, subfolders and files <not inherited> hard drive or folder: C:\\Documents and Settings\\All Users\\"Start The main permissions section of the menu: Other permissions section: Administrators completely control the folder, subfolders and files <not inherited>SYSTEM completely control the folder, subfolders and files<not inherited> Or folder: C:\\Documents and Settings\\All Users\\Application Data Main Permissions section: Additional Permissions section: Administrators fully control Users to read and run the folder, subfolders and files of this folder, subfolders and files <not inherited><not inherited>CREATOR OWNER completely controls Users to write only subfolders and files to this folder, subfolders<not inherited><not inherited>SYSTEM completely Control two side-by-side permissions with the user group that need to be separated from the column permissions for that folder, subfolders, and files <not inherited> Hard disk or folder: C:\\Documents and Settings\\All Users\\Application Data\\Microsoft Primary Permissions section : Other Permissions section: Administrators fully control Users to read and run the folder, subfolders and files in that folder, subtext And the clip files & lt; not inherited & gt; & lt; are not inherited & gt; SYSTEM Full Control This folder contains a Microsoft application state data
About the server
Windows system
How to remove the offline server server

Security dog ​​service cloud is a server security management cloud platform, it has a lot of useful

Prompt "You do not have permission to view this directory or page because the access control list (ACL) is configured for this resource on the web server"

                   Most of the problems occur because the permissions problem solution is online. I

The server could not find the existing file

                  Problem: The operating system of the LAN server is Windows Server 2003. When brows
Create an anti-spam server in three minutes!

                   Increasingly junk spam has become a cancer on the Internet. Although most email a
Lack of .net2.0 and vc9 causes some software to be installed.

Problem: The lack of .net2.0 and vc9 caused some software to be uninstalled. Phenomenon: Users canno
Mail server software MDaemon uses skill

There is no doubt that MDaemon developed by Alt-n of the United States is an excellent mail server s
  • DNS server
  • FTP server
  • Web server
  • Proxy server
  • Mail server
  • Server synthesis
  • About the server

    • Win8 renames the method of starting the screen icon name

    Mobile phone and computer can't connect to

    How to solve Win7 software and system incompatibility?

    Meet the powerful security features of win7 system

    Win10 system switching private or public network method

    How does the Linux system distinguish between gmtime and localtime

    How to install maqetta

    Millet box /millet TV installation Android game graphic tutorial

    What are the new features of win10 9879? Win10 preview version 9879 update content

    Windows 7 system to turn off the full-duplex audio mode method

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved