Web Analytics Made Easy -
StatCounter PHP lockdown in NTFS? - CodingForum


No announcement yet.

PHP lockdown in NTFS?

  • Filter
  • Time
  • Show
Clear All
new posts

  • PHP lockdown in NTFS?


    I am new to PHP, hopefully this is an easy question to answer. What is the tightest security I can setup for the PHP directory? Is there much risk in leaving it open with the default "Everyone" having full control? I am not sure I understand why this is the default, but anyway...

    I am running
    Windows 2000 Adavanced Server SP4 (NTFS)
    IIS 5.0

    My application for PHP is currently just forums (PHPBB2). It uses a MySQL database to store all data. In the future, I want to create dynamic webforms using PHP, and interface to the MySQL database from a webpage. How do I need to setup NTFS to have the tighest security possible on the web, while allowing me to preform these functions? Which directories in the PHP root need read/write/modify access?

    My current feeling is to remove "Everyone" from the PHP root on down. Then add administrators with full control, and IUSR_server_name with read/write access. Do I need execute? Is write access even neccisarry? Am I correct in understanding that everything within IIS uses the IUSR_server_name account to access these resources?

    If anyone has the answer to these questions, I would greatly apprieciate it. Perhaps you could even explain why you gave the answers you give. I've made a simliar post in the MySQL forum regarding MySQL lockdown.

    Thanks, David