menu
Logo
  • Why azing?
  • Blog
  • Help
ENarrow_drop_down
  • DE
  • EN
Suche in Checklisten
search
azing Logo ENarrow_drop_down
  • DE
  • EN
  • Why azing?
  • Help
DNN Community
drive_folder_upload
  • homeChecklist Templates
  • south
  • fiber_manual_recordOperations and Security
  • south
  • fiber_manual_recordHosting DNN
  • south

folder_sharedHosting DNN

  • homeChecklist Templates
  • south
  • fiber_manual_recordOperations and Security
  • south
  • fiber_manual_recordHosting DNN
  • south

folder_sharedHosting DNN

Folders and checklists

  • check_circleConfigure IIS to use Windows File Server NAS Backend
  • infoHosting Model "Divide and Conquer"
  • check_circleSetup a Windows File Server as NAS for DNN Websites

Parts (0) expand_more

These are small document-parts which are used in other documents. They are not a starting point for any real activity. Because of this, they will be listed further down and the search will not list them unless requested. 

Just so you understand this: there are up to 3 identities that are relevant for the web server operations. We recommend that you use the same identity for all 3 purposes, like this:

  1. IIS Process Identity: The .net process must run in the standard Application Pool Account which is automatically generated. This identity is in the group IIS_Users.
    This is best practice, this account specialized for this purpose. Do not create your own accounts for this, as it only lowers your security. 
  2. Database Connection Identity: This should use a different, dedicated account
    1. In most cases you will use SQL login (not Windows/AD) which is specific to this site. 
    2. Make sure that this account is exclusively meant to access this one database.
      This ensures that in case of a security breach, the login information doesn't give the attacker access to any other DBs.  
    3. You can include the username/password in the web.config or use one of the encryption or secrets methods available.
      Just remember that it probably won't really change the security footprint, since an attacker that is able to run code on your system would also be able to access the decrypted values.  
  3. File Access Identity
    1. Basic Model: On the same server use the same application pool identity, and not IUSR for file/disk access.
      This reduces the amount of special cases you must harden. 
    2. Advanced Model: On the network use a special account in your AD made specifically for this purpose. 
Logo
Legal | Content Copyright CC-BY 4.0
bug_reportReport Bug
  • info
  • Links
  • Permissions
code Share
code
URL copied to clipboard.
Embed Checklist close
Copy Copy
Content Copyright

CC-BY 4.0

Translations

None

DNN Community Logo

DNN Community

QR-Code
azing.org/dnn-community
/r/xuOss4SM
View & Use

Public (can be used by everybody)

Edit & Admin

Default (all members can edit)

This catalog has a simple permission model, where all members have the same permissions. For advanced permissions, upgrade to Enterprise.

Here you can see how this document is used and linked by other documents

Used in (1)

Others referencing this

  1. Hosting Model "Divide and Conquer"
Uses these (0)

Documents linked from this document

How it Behaves

How this document is categorized changes how it behaves.

This is a partial document. It is listed below the normal documents, and is hidden in the default search.

It belongs to Hosting Model "Divide and Conquer"

Type

This is an Information. Lists are treated as information and not as checkboxes'

Get something to say?

Comment to start a discussion or make a note
send

please log on to chat

close

Durchsuche ganz Azing