|
sponsored links |
|
|
sponsored links
|
|
1
14th August 19:41
External User
Posts: 1
|
HTW file security risk
Hi All,
recently one of my clients sites underwent a security audit. One of the issues they returned was that IIS sample script pages were accesable from the site(http://www.client.ie/scripts/samples/qsumrhit.htw). My hosting company has toldme their is nothing they can do about this as these files only exist in a virtual environment and there is no way to remove them. I have found referances to patches that will remove them from iis4 but nothing for IIS 6. I understand that there is little or no risk involved in leaving the files in place, however my client thinks the SKY is falling in and wants them gone. DOes anyone have a suggestion as to how I can get rid of them? Many thanks in advance for any suggestions. |
|
|
|
2
14th August 21:10
External User
Posts: 1
|
HTW file security risk
Tell your hosting company to delete the 'scripts' virtual directory from the
IIS snap-in. |
|
|
|
3
14th August 22:37
External User
Posts: 1
|
HTW file security risk
Hi Leon,
I wonder if you could give mea little more detail pls. Where is the IIS snap located? Cheers Kevin |
|
|
|
4
14th August 22:38
External User
Posts: 1
|
HTW file security risk
Are you the webhost? If not then I would seriously reconsider using them if
they don't know where the IIS admin snap in is. Start / Control Panel / Administrative tools / Internet Information Services Expand the website concerned and right-click on the 'scripts' virtual directory and select 'delete'. |
|
|
|
Linear Mode
