Is there a way that we can set up One-Time-Password in iis?
As a web server is possible (via isapi) but i couldn't find As a ftp server
Can you elaborate how you imaging one time password with FTP?
If you care about security, you should not be using FTP at all
Related
I have two servers. First one is a server with ASP app on it and the second one is an LDAP auth server. I need to login on app server over LDAP on the second server and I need to use windows auth (NTLM or Negotiate). As I know based on my research to login on the server using active directory domain from other server they must be in the same local network. This can be established by VPN. But the thing is that I can't use a VPN. Can it be established somehow? I'm currently trying to configure IIS to not identify my user on my current domain and serve the credentials to remote server over LDAP using .Net. Sorry if I have a wrong understanding about something, I'm still newbie in windows auth and AD. Correct me if I wrong in something.
I'm using ASP.NET Core RC2 and IISExpress 10 on my local machine and my target framework is 452 due to using some old modules.
On remote app server I'm using IIS 8.5
I am developing a web app that is not doing anything fancy. The parent company wants to use a cloud based IIS service to support the web app and then submit the information to the client's local SQL servers through the internet and the client's firewalls.
Traffic isn't that much of an issue, we are talking about probably no more than 10 submissions daily per client. My question is with regard to connecting to the client's SQL servers and running the Stored Proc on each server.
We already have admin privileges on the firewalls and servers to do what we need to do to make anything happen.
What would be my best/reliable/secure method to implement this service?
Page asks for 10 items of info then submits to Stored Proc, that's it... with a local IIS server there is no problem, works nice. I want to make sure that the information stays secured, not just for the 10 items, but the SQL server and any security between it and the IIS server.
Any recommendations?
I would recommend setting up a VPN tunnel between the remote IIS server and the in-house SQL server. With a VPN tunnel, the SQL server is just like any other server on the network to the app.
Webdeploy is very convenient from Visual Studio 2010. Today I am using it to publish my project via a remote deploy agent (http://x.x.x.x/MsDeployAgentService) to a production web server facing Internet.
Although administrator password is required, is it a good practice to leave http://x.x.x.x/MsDeployAgentService accessible to everyone or should I care more about the security of this subpath so that it cannot be accessed from Internet?
If I need to allow deployment only from certain internal URLs, how do I secure the deployment agent service?
It seems pretty secure as a few shared hosts are using it for their clients.
Security note
Set it up so that you are using IIS managers and not Windows Logins.
There is an implicit restriction on what IIS managers can do, rather than Windows, and passing out Windows logins means access via RDP to the server (usually)
can i have multiple iis ftp sites using something similar to web site's unasigned host headers?
i have a dedicated server in a hosting facility and want to make a web site for each of my clients. to add/ remove files and content i want ftp access to each of the sites root folders.
lets say i have 10 sites set up using unasigned host headers... how can i set up 10 analogous ftp sites on the same server? AND NOT USE A DEFINED IP ADDRESS FOR EACH FTP SITE
thanks all
This is probably more suited for serverfault.
Also, I wouldn't use the built-in Windows FTP server. Check out Filezilla Server. It's free and can handle a bunch of users, sites, etc. on one IP.
Also, drop dead easy to configure.
We are using MOSS 2007.
We are about to make one of our SharePoint sites live over the internet but we wants the file upload/download to be SFTP. Is this possible in SharePoint, if so how can this be done? Must it be done through custom code (Please provide me with an example) or is there a setting somehwere where you can turn uploads and download of the site to SFTP?
Thanks in advance!
Well SharePoint does not use FTP at all. It's files are being stored directly to database so there is no need for FTP.
By default it uses HTTP/HTTPS for file upload/download from web and WebDAV in case you are using multiple upload / explorer view.
In case you want to protect your files I would advise publishing your site via HTTPS only.
As Toni said there is no FTP or SFTP server in SharePoint (these are very different protocols).
SFTP is based on the SSH protocol which provides a similar kind of protection to what HTTPS provides. So you may be able to meet your needs by using HTTPS. You can configure this in Central Administration.
HTTPS is a lower level protocol than HTTP, and will protect both SharePoint HTTP and WebDAV traffic.
If you must use SFTP for some reason (for example integration with Unix-based systems perhaps) then you would need to run an SFTP server on the same server as SharePoint and create some mechanism for transferring these files into SharePoint. The file download process will not by fixed by this approach.