This section provides information about administering and configuring your Web site.
You can use Internet Services Administrator, which comes with Personal Web Server, to restrict access to your Web site by restricting access to individual users or groups, and specifying password encryption methods for your Web site.
You can also require users to supply a valid Windows NT user name and password. You can have the password sent by using either basic authentication or Windows NT challenge/response authentication.
With both basic authentication and Windows NT authentication, no access is permitted to secure folders unless a valid user name and password is supplied. Password authentication is useful if you want only authorized individuals to use your server. You can have both anonymous access and authenticated access enabled at the same time.
Basic authentication does not encrypt your user name and password before transmission. Basic authentication is encoded only by using base64 encoding, and can be decoded easily by anyone with access to your network or to a segment of the Internet that transfers your packets.
The WWW service also supports the Windows NT Challenge/Response encrypted-password transmission.
Windows NT Challenge/Response authentication encrypts the user name and password, providing secure transmission of user names and passwords over the Internet. It is currently supported only by Microsoft Internet Explorer version 3.0 or later for Windows 95.
The easiest way for someone to gain unauthorized access to your system is with a stolen or easily guessed password. Make sure that all passwords used on the system, especially those with administrative rights, have difficult-to-guess passwords.
By limiting the members of the Administrator group, you limit
the number of users who might choose bad passwords and expose
If your computer is not set up to use user-level access control, you can control access to your Web site by creating a user list on your computer.
To add users to a user list
You can also create groups of users.
To create a group of users
To add users to a group
You can also restrict access to your Personal Web Server
folders on a per-folder basis. You can set a folder to be
read-only, or allow users to run scripts in that folder, or both.
To restrict access to a folder
You can track access to your Web site by using log files.
To enable logging
The log file is named Inetserver_event.log. If you do not specify a log file directory on the Logging tab, the file is stored in your Windows folder.
Return to Contents