sanchito75 Posted August 15, 2006 Share Posted August 15, 2006 HI all, There are alot of great articles on the forums about password protecting the admin for non windows servers , but not a lot of real great visual examples of HOW- TO-DO it for Windows 2003 servers and IIS. For those of you that have your own Windows 2003 web server and you are using IIS for hosting os commerce, this link will help you lock it down the simple way. In my Scenario this works perfect for me as I am hosting this server on my own VMWARE server running windows 2003 VM and I am not sharing this server with anyone else websites. SO PLEASE DO YOUR HOMEWORK FIRST BEFORE DOING ANYTHING BELOW. Preferred Requirements: READ ME FIRST!!!!!!!!!! 1) You must have administrator rigghts to access the server 2) You must be able to RDP (remote Desktop or other remote tools such as VNC and pcnywhere) into the servers public IP or private if you are hosting it yourself or have remote access to the IIS admin tool :) 3) Ensure that if you are sharing this web hosting server with other people that you check with them you can do this. If it is being hosted at hosting company definetly check with their technical support Step1) Follow this link http://www.hostmysite.com/support/dedicate...asswordprotect/ In this documenation subsitute the oscommerce admin folder for their folder and DO NOT apply this to DEFAULT WEBSITE as you will lock everyone out of the site. Apply only to the admin ( or whatever you named it) folder. If you have any quesitons ask before doing this. Step2) Apply IP Filters to the admin site. Applying IP filters and allowing only source IP address to access the admin will work even better. You can find more info on this at http://www.iis-resources.com Step3) Apply the SSL using the IIS admin to the os commerce admin folder so that it requires SSL connectivty. Step4) Use the IIS lockdown tool ( http://www.iisanswers.com/articles/IIS_Loc...IISLockdown.htm ) Step5) lockdown the windows 2003 web server ( http://www.shebeen.com/win2003/ ) If you follows these artilce and be smart by asking questions and doing before backups you will have a pretty secure IIS os commerce server Enjoy Sanchito Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.