Microsoft KB Archive/310755

From BetaArchive Wiki

Article ID: 310755

Article Last Modified on 8/22/2007



APPLIES TO

  • Microsoft FrontPage 2000 Server Extensions
  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Server 4.0



This article was previously published under Q310755

SYMPTOMS

In Microsoft Internet Information Server (IIS) 4.0 or Microsoft Internet Information Services (IIS) 5.0, the _vti_pvt folder in the Web content folder may be much larger than expected, because it may contain files other than those files that are used by Microsoft FrontPage and IIS.

CAUSE

This behavior can occur if all of the following conditions are true:

  • The FTP content folder (home directory) is mapped to the Web content folder on the Web server.


For example, C:\Inetpub\wwwroot (where wwwroot is the location of the Web's root content, and C is the drive on which the Web server content resides). The default FTP home directory is Inetpub\ftproot.

-and-

  • The FTP site is configured to allow anonymous access.


-and-

  • The IUSR_computer name account has Write Web server permissions to the FTP content folder.


By default, when you install IIS, the WWW Service and the FTP Service use the same account, IUSR_computer name, for anonymous access.

In this situation, a user who logs on by using the "anonymous" user name can use FTP to browse and upload files to the _vti_pvt folder that is located in the Web content folder.

RESOLUTION

To resolve this issue, use one of the following methods, as appropriate to your situation.

Method 1: Turn Off Anonymous FTP Authentication and Enable Basic Authentication

Use this method if you want to retain the mapping of the FTP content folder to the Web content folder on your Web server, but you do not want to allow anonymous access to the FTP server. When you enable basic FTP authentication, users are required to enter valid Windows user names and passwords to log on to the FTP service. To disable anonymous FTP authentication and enable basic FTP authentication, follow these steps:

  1. Start Internet Services Manager or open the Microsoft Management Console (MMC) containing the IIS snap-in.
  2. Expand * server name (where server name is the name of the server).
  3. Right-click Default FTP Site, and then click Properties.
  4. Click the Security Accounts tab.
  5. Click to clear the Allow Anonymous Connections check box.

    Click Yes if you receive the following message:

    The authentication option you have selected results in passwords being transmitted over the network without data encryption. Someone attempting to compromise your system security could use a protocol analyzer to examine user passwords during the authentication process. For more detail on user authentication, consult the online help. This warning does not apply to HHTPS (or SSL) connections.

    Are you sure you want to continue?

    IMPORTANT: When you click to clear the Allow Anonymous Connections check box, you enable basic FTP authentication. In basic authentication, Windows user names and passwords are not encrypted and are sent across the network in clear text.

  6. Click OK.
  7. Start Windows Explorer, and then remove unwanted files from the _vti_pvt folder.

Method 2: Change the Home Directory of Your FTP Site

Use this method if you want to change the home directory of your FTP site to a different folder location than the Web content folder. Note that when you do this, users cannot browse and upload files to the Web content folder or any folders within the Web content folder.

  1. Start Internet Services Manager or open the MMC containing the IIS snap-in.
  2. Expand * server name (where server name is the name of the server).
  3. Right-click Default FTP Site, and then click Properties.
  4. Click the Home Directory tab.
  5. In the Local Path box, click Browse, locate and select the folder that you want to contain FTP content, and then click OK twice.
  6. Start Windows Explorer, and then remove unwanted files from the _vti_pvt folder.


MORE INFORMATION

For additional information about how to set up an FTP Server on a Microsoft Windows 2000-based computer, click the article number below to view the article in the Microsoft Knowledge Base:

300662 HOW TO: Set Up Windows 2000 as an FTP Server


For additional information about setting Web Server permissions and security in IIS 4.0, see the "Security" topic in the Windows NT 4.0 Option Pack documentation along the following path:

Microsoft Internet Information Server
Server Administration
Security


For additional information about setting Web server permissions and security in IIS 5.0, see the "Security" topic in the Internet Information Services 5.0 Online documentation at the following Microsoft Web site:

For complete information about the installation, use, and administration of FrontPage Server Extensions, see the FrontPage Server Extensions Resource Kit (SERK) at the following Microsoft Web site:

To download the FrontPage 2000 Server Extensions, browse to the following Microsoft Web site:

For additional information about installing FrontPage Server Extensions on a Microsoft Windows NT 4.0 or Windows 2000-based computer, click the article numbers below to view the articles in the Microsoft Knowledge Base:

205696 FP: How to Install FrontPage 2000 Server Extensions for Internet Information Server


300004 HOW TO: Install and Configure FrontPage 2000 Server Extensions on a Windows NT-Based Web Server (Windows NT or Windows 2000)



Additional query words: front page

Keywords: kbprb KB310755