Fog Creek Software
Discussion Board




Knowledge Base
Documentation
Terry's Tips
Darren's Tips

IIS and link level

I published a site to the client's IIS server. Links to files deep in directories don't work. Shallow links do.

Their IT guy said, "I secured the IIS server therefore there could be security restrictions on link level.  Please advise what security settings you need relaxed."

Where can I find out what to do about it?

TK

tk
Wednesday, December 01, 2004



I host over 1000 sites. I have never heard of a "shallow" link level. If my clients own a main web folder on our server they can create links as deep as they'd like as long as the stuff stays in the main "root" of the site. They wouldn't be able to make links to other folders on our server or other client's folders.

Our permissions are set to keep each client's site in their account folder. They receive 300 mb of space and can use it to store whatever they like.

I can't think of anything you could tell the tech about how to "relax" the permissions.

Doesn't make sense to me. :|

John

john cesta
Thursday, December 02, 2004

Ditto John's reply (except the bit about 1000 sites).

It's not because the URLs are too long is it?

2048 characters I think I read is maximum (that's still a huge amount and it would have to be very deep and lots of long folder names). The limit is more likely to be hit if you're submitting a form using "METHOD=GET"

http://support.microsoft.com/kb/q208427/

Dan
Friday, December 03, 2004

The site is proprietary so I can show you. It works perfectly on my host.

The site is in subdirectory of the company's main site.
25characterbaseURL/intranet/

Eventually users will have to logon to see it:


These links work:
25characterbaseURL/intranet/HomePageDocs/Contacts/AutodialPhoneList2.doc

25characterbaseURL/intranet/BMSindex.html

25characterbaseURL/intranet/search.html

These links don't work
25characterbaseURL/intranet/BMSLive/6.0/6.10/6.11/Project_plan.doc

25characterbaseURL/intranet/BMSLive/6.0/6.10/6.11/ProjectPlan.html

When I say they don't work, I get a nearly instant "404" error.

tk
Friday, December 03, 2004

How about the dot "." in the sub-directories... ?

Anonymous Coward
Friday, December 03, 2004

Could be!

Does anyone know about where "x" in a directory name is valid (or can be made valid) in IIS?

Works fine on a Unix server.

tk
Friday, December 03, 2004




I'm on site.

I am on our 2003 IIS server.

I just created this document in this folder structure:

http://www.johncesta.com/1.1/2.1/3.1/4.1/lotsoffolders.html

john cesta
Friday, December 03, 2004



how about this one:

http://www.johncesta.com/1.1/2.1/3.1/9.11116678/lotsoffolders.html

john cesta
Friday, December 03, 2004

There is a security setting to disable paths with the "." character.

B
Friday, December 03, 2004

Ah ha!

We'll I'm punting and have removed my "."'s. Maybe they have perfectly good reason for disallowing them. Maybe they don't even know about it.

I'll let you know if that works.

I really appreciate the help. Some bouts of panic are involved.

tk
Friday, December 03, 2004

It works now. I removed the "." from all my directory names and it works.

Thanks again.

tk
Friday, December 03, 2004



The setting is there to prevent a

/../winnt type of command.

to sneak into a system folder. We do other things to prevent that.


John

john cesta
Friday, December 03, 2004

*  Recent Topics

*  Fog Creek Home