I have looked at the tool already, and it doesn't reference security for any issues with php.
I know what to do to the IIS server to secure it, my concern is over the addition of the php module and how it effects the security of the system. -----Original Message----- From: Robin Bolton [mailto:[EMAIL PROTECTED]] Sent: Monday, April 01, 2002 10:52 AM To: Eric Gentry; [EMAIL PROTECTED] Subject: RE: [PHP-WIN] Configuring securely in IIS5 A good place to start may be the IIS Lockdown Tool: http://www.microsoft.com/WINDOWS2000/downloads/recommended/iislockdown/d efau lt.asp -----Original Message----- From: Eric Gentry [mailto:[EMAIL PROTECTED]] Sent: Monday, April 01, 2002 8:15 AM To: [EMAIL PROTECTED] Subject: [PHP-WIN] Configuring securely in IIS5 I have been able to install php and get it running on our test server running IIS5. Everything is going fine, but now I am beginning to ponder the question, how do I secure this when it goes live? I have read through the installation documentation, and read the security chapter of the php manual that I downloaded from the php.net website. Various queries to Google have been unproductive, so I thought I may check here. Now, I am not talking about script internals security (that will be handled more by our development team), just mainly how to configure php on the server so that I don't have people tearing the darn thing down when this site goes live. We are using the ISAPI module. I have seen numerous tidbits on Apache, but we are going to be using IIS. Can anyone point me to a book, FAQ, examples, anything to set me on the way? Thanks a ton -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
