How to lock down admin directories?

#1 08-27-2008, 10:03 AM

I've been asked to restrict access to a site Admin directory because the site
has been hacked pretty regularly. There is currently a separate web login to
get to Admin, but I'm being asked if I can lock down that directory based on
the NETWORK DOMAIN to endure only internal users can get to it.

Is this more of an IIS issue, or is this something that can be done in CF?

#2 08-27-2008, 10:23 AM

loamguy wrote:
>
> Is this more of an IIS issue, or is this something that can be done in CF?
>

Well, IIS is a great way to do stuff like this. Install the
Administrator on an IIS website and then use the Directory Security
features of that site to restrict what IP addresses that can be allowed
to view it.

#3 08-27-2008, 11:46 AM

Since it isn't the root directory, how do I do that? Set up a virtual directory on IIS?

#4 08-27-2008, 11:50 AM

loamguy wrote:
> Since it isn't the root directory, how do I do that? Set up a virtual directory on IIS?

No set up second IIS website to be the home of the administrator so that
it can be removed from your public website.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode