Controlling Access to Applications
Applies To: Windows Server 2003, Windows Server 2003 with SP1
You can control which users and computers are allowed to access your Web server and its resources. You can use both the NTFS file system and Web server security features to assign users specific permissions to directories and files. You can also use IP address restrictions to limit access by specific computers or groups of computers.
Securing your files with NTFS permissions. With the NTFS file system, you can limit access to your Web server's files and directories. You can configure the file and directory permissions that set the access level assigned to a particular user account or user group. For example, you can configure your Web server to enable a specific user to view and execute a file, while excluding all other users from accessing that file.
Securing your Web site with Web permissions. Web permissions, unlike NTFS permissions, apply to all users accessing your Web sites. NTFS permissions apply only to a specific user or group of users with a valid Windows account. NTFS controls access to physical directories on your server, whereas Web permissions control access to virtual directories on your Web site.
Restricting access to your Web site by using IP addresses. With IP address restrictions, you can configure your Web server to assign or deny specific computers, groups of computers, or domains access to Web sites, directories, or files. For example, if your intranet server is connected to the Internet, you can prevent Internet users from accessing your Web server by assigning access only to members of your intranet, and explicitly denying access to outside users.