How do I secure a folder used to let users upload files?

Posted by Eduardo Molteni on Stack Overflow See other posts from Stack Overflow or by Eduardo Molteni
Published on 2008-08-22T14:38:15Z Indexed on 2010/04/21 12:23 UTC
Read the original article Hit count: 223

I have a folder in my web server used for the users to upload photos using an ASP page.

Is it safe enough to give IUSR write permissions to the folder? Must I secure something else? I am afraid of hackers bypassing the ASP page and uploading content directly to the folder.

I'm using ASP classic and IIS6 on Windows 2003 Server. The upload is through HTTP, not FTP.

Edit: Changing the question for clarity and changing my answers as comments.

© Stack Overflow or respective owner

Related posts about iis

Related posts about windows-server-2003