Protect http interface using Username/Password, Client IP and certificates

ActiveX/VBSScript registry editor  ActiveX NT User account manager  Export MDB/DBF from ASP
Url replacer, IIS url rewrite Active LogFile  Email export  ActiveX/ASP Scripting Dictionary object
 IISTracer, real-time IIS monitor
 Huge ASP upload - upload files with progress.
Info page
<< HTTP configuration interface
 Form   
              New version of IISTracer (from 2.60) has also a new method to protect IISTracer http interface. The protection is based on standard IIS authentication. There are several steps to protect IISTracer http interface.
      

1. Set right instance for http interface

      Go to HTTP configuration interface or Configuration application - basic setup and install filter to IIS and select IIS instance you want to run HTTP configuration interface.
      Select IIS instance ID for IISTracer monitoring URL

2. Create physical http configuration script under the instance

      Go to web folder in selected IIS instance and create folder with name of 'Http interface URI' (/iistracer by default). Create also additional files named 'config', 'about' and 'kill' in the folder. The files can be zero length - contents of these files is unsignificant.
      Create an empty folders for IISTracer

3. Set http interface folder authentication type

      Go to IIS MMC and select properties for the /iistracer folder.
      * Directory tab - set 'Directory browsing allowed' for the folder
      * Directory security - select authentication method for http interface.
       - select annonymous/basic/digest/integrated windows authentication
       - grant or deny ip address access to the http interface
       - select required certificates for the http interface
      Set security for the IISTracer folder

4. Set NT user rights for http interface

      Go to /iistracer physical folder, select it's windows properties->security tab. Add read right for users you want to access http interface.
      Go inside the folder and set read user right for 'config', 'about' and 'kill' files.
      For example, set read to /iistracer for 'domain users' and set 'domain admins' for /iistracer/config, /iistracer/about and /iistracer/kill.
      Set NTFS rights for the IISTracer folder
      
      

How it works?

      IISTTracer handles HTTP configuration interface requests in SEND_RAW_DATA. It checks outgoing http state - IISTracer will respond to the request if the state is '200 OK' or '304 not modified', the request is unmodified otherwise. So you can also use /iistracer.asp (/iistracer.aspx) uri to handle security of http interface using asp/aspnet.

© 1996 – 2007 Antonin Foller, Motobit Software, help@pstruh.cz