How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Philip Kaplan
I'm allowing people to FTP-upload into one of my web server directories, but I don't want them to be able to upload and run cfm (or asp, etc) scripts. I right-clicked on the directory in IIS and changed execute permissions to none, but it seems the cfm files in that directory are still running.

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Agha Mehdi
You can add application.cfm or Application.cfc to the folder and cfabort any request. that will ensure that no cfm file is executed On Thu, Aug 20, 2009 at 11:21 AM, Philip Kaplan pkap...@gmail.com wrote: I'm allowing people to FTP-upload into one of my web server directories, but I don't

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Philip Kaplan
That's a clever idea but I would preferably like to give users delete permission on that directory, in which case someone could just delete the application.cfm file. On Thu, Aug 20, 2009 at 11:40 AM, Agha Mehdi aghaime...@gmail.com wrote: You can add application.cfm or Application.cfc to the

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread sslone
Phil- Your FTP folder should be below your web root - I believe anything in the web path will be served via the browser. I don't think you can turn off processing for a directory in the web path. If you are using the content of the FTP as web content, you can use an upload function through

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Ian Skinner
ssl...@rubbergumball.net wrote: Phil- Your FTP folder should be below your web root - I beleive that quote should be above or outside or possible not be below. I.E. Yes, your FTP folder should have NO relation to your web root folder. Only after you have scrutinized ANYTHING uploaded

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Agha Mehdi
There are multiple ways you can do it depending on your setup. 1. Have your ftp folder below the web root 2. Add cfabort to a directory above the ftp folder in the web root so that it stops any processing on any sub folders. 3. uncheck all options (Read, Write etc) under Directory for that folder

Re: How do I remove execute permissions from a directory in IIS?

2009-08-20 Thread Dave Watts
I'm allowing people to FTP-upload into one of my web server directories, but I don't want them to be able to upload and run cfm (or asp, etc) scripts. I right-clicked on the directory in IIS and changed execute permissions to none, but it seems the cfm files in that directory are still