How can I password protect an IIS directory with only FTP access?

Posted by Tony Adams on Server Fault See other posts from Server Fault or by Tony Adams
Published on 2012-03-24T22:46:10Z Indexed on 2012/03/24 23:31 UTC
Read the original article Hit count: 278

Filed under:

authentication

|

web.config

|

password-protected

How can I password protect an IIS directory when I only have FTP access to the server? I can't adjust any IIS settings or add users or anything like that.

The answer to:

IIS Basic Authorization ala .htaccess/.htpasswd in apache

does not help as I only have access to the server via FTP. I just need to password protect a directory.

I've tried several variations of a web.config file. I can get a basic HTTP auth form to pop up when a user attempts to load a page from my test directory, but I can't configure the authentication part. The server complains that:

Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.

whenever I add an <authentication> section to my web.config.

I'm grateful for any help anyone can offer.

Edit: I don't know what version of IIS is running on this server, but here is the server tag from error messages:

Version Information: Microsoft .NET Framework Version:1.1.4322.2490; ASP.NET Version:1.1.4322.2494

© Server Fault or respective owner

Related posts about authentication

Configuring Fed Authentication Methods in OIF / IdP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
In this article, I will provide examples on how to configure OIF/IdP to map OAM Authentication Schemes to Federation Authentication Methods, based on the concepts introduced in my previous entry. I will show examples for the three protocols supported by OIF: SAML 2.0 SSO SAML… >>> More
windows authentication vs sql server authentication for asp.net forms authentication site

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a database and a site having forms authentication. It is working fine with VS2008. This time, I am using "Trusted_connection =True". But when it is opened from outside or directly from browser then I am getting error "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'." I know this is due… >>> More
Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication? >>> More
AutoCompleteExtender - authentication failure (forms authentication)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily. If I change my service definition to include a demand for the caller to be authenticated, like so: <OperationContract()… >>> More
Ruby on Rails , functionalities having twitter authentication and email authentication (autlogic and

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Experts, I would like to ask your guidance on how to authenticate using email add/ the basic log-in while having also a twitter log-in, twitter authentication works fine but if having an alternative log-in like using basic sign-up and email log-in part wont work.... any ideas please...? >>> More

Related posts about web.config

Child web.config can't clear <pages><controls> from parent web.config

as seen on Stack Overflow - Search for 'Stack Overflow'
How can I "clear" the vendor defined <controls> in my child app's web.config? Parent Web Config. <system.web> <pages> <controls>  <add tagPrefix="asp" namespace="VENDOR.Web.UI.Base" assembly="System… >>> More
Configure Forms based authentication in SharePoint 2010

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Configuring form authentication is a straight forward task in SharePoint. Mostly public facing websites built on SharePoint requires form based authentication. Recently, one of the WCM implementation where I was included in the project team required registration system. Any internet user can… >>> More
Allowing creation/modification of virtual aliases using web.config

as seen on Server Fault - Search for 'Server Fault'
Hi, I've been given a problem to fix, and I initially thought of .htaccess files, except for one thing, I quickly realized it's an IIS server. Is it possible to allow a webmaster the ability to modify the virtual directories using web.config files in the same way you can using .htaccess files? … >>> More
SharePoint 2010 - Access denied during ApplyWebConfigModifications()

as seen on Stack Overflow - Search for 'Stack Overflow'
I have SharePoint 2010 installed on a Windows Server 2008 R2 machine which is also hosting SQL Sever 2008 R2. I am attempting to deploy a solution that includes web parts in the 2010 environment that is working fine in MOSS 2007. The Web Part feature has a feature receiver that updates the web.config… >>> More
Error in Encrypting web.config connection string

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi everybody, I am encrypting web.config file. My code is below. Configuration config = WebConfigurationManager.OpenWebConfiguration("~"); ConfigurationSection section = config.GetSection("connectionStrings"); if (!section.SectionInformation.IsProtected) { section.SectionInformation.ProtectSection("RSAProtectedConfigurationProvider"); … >>> More