StoreFront Ecommerce News for FrontPage & Dreamweaver
Press CTRL+D to Bookmark StoreFrontGoodies.com
Click Here to sign up for our Monthly Newsletter.

| Home | New Forum! | StoreFront 6 | StoreFront 6 Add Ons | Search Engine Optimization | Essential Tools | StoreFront 5 | StoreFront 2000 | SFG Partners | Participate | Suggestion Box | Security |

home > storefront 2000 > storefront 2000 knowledge base

| StoreFront 2000 Knowledge Base |


StoreFront 2000 Permissions Settings
 

Posted Friday, April 23, 2004

One of the most important parts of publishing a StoreFront web is ensuring that your host has correctly configured the necessary permissions settings. The specific permissions settings that must be configured through FrontPage and on the web server are described in more detail below.

The NT Server Setup:
Ask your host to assign the following permissions to your web:

    1. The Administrators account should be given full control over the entire web.

    2. The IUSR and Everyone accounts must have Modify or Change permissions on the folder containing the database. This folder will be called either "fpdb" or "database", depending on which version of StoreFront you are running.

    3. The System account should be given full control.

    4. The ssl/admin folder of your web store contains files that allow access to customer information. Your host will need to restrict permissions on this folder to ensure that your customer's information is secure. Contact your host and request that the Everyone account be removed from this folder, or that the folder be set to disallow anonymous access. Either one of these settings will cause every user trying to browse files in this folder to submit a valid username and password that can only be supplied by your server administrator.

    5. The MSADC virtual directory required by StoreFront 2000 should be set to disallow anonymous access.

The FrontPage Permissions Setup:
In addition to the permissions setting made by your host, there are also some changes that must be made to the web through FrontPage. You can do these yourself, so there's no need to involve your host with this part of the configuration. Follow the steps detailed below to make the necessary changes to your web.

    1. Open your remote web in FrontPage. To do this, select File, then Open Web. Enter the IP address or domain name of your web in the dialog box that appears, then click Open. You may be prompted for a password; if so, just use the username and password provided by your host.

    2. Once the web is open, right-click on the root. This is the uppermost folder in your web's structure, next to which FrontPage will display the address of your web. Select Properties. Under Properties, make sure that "Allow files to be browsed" and "Allow scripts to be run" are both checked. "Allow programs to be run" should be unchecked. Click OK.

    3. After setting properties on the root, you'll need to use FrontPage to secure your fpdb or database folder. Right-click on the folder and select Properties. Uncheck "Allow files to be browsed." Click OK. This will keep people from browsing to your database and downloading it. Your database contains all of your customer and order information, so this security measure is extremely important.

These are all the permissions changes that are required by StoreFront 2000 and StoreFront 99.

Browse more...
StoreFront 2000 Knowledge Base

e-mail E-mail this page
print Printer-friendly page