Macromedia contribute 3-deploying contribute User Manual
20
Deploying Contribute to Departments and Enterprises
In particular, you might want to block HTTP access to the MMWIP folder. The MMWIP folder
contains interim drafts of files (works in progress) that you might want to protect. Macromedia
recommends that you restrict access to the MMWIP folder so that only members of your
organization can browse files within that folder.
contains interim drafts of files (works in progress) that you might want to protect. Macromedia
recommends that you restrict access to the MMWIP folder so that only members of your
organization can browse files within that folder.
Note: In addition to using the computer’s operating system and web server software configuration
settings, you might consider using a third-party URL scanner to block HTTP access to secure these
files and folders.
settings, you might consider using a third-party URL scanner to block HTTP access to secure these
files and folders.
Related topics
•
•
•
Apache web servers
If your website uses Apache, you can explicitly disable browsing folders and files that begin with
an underscore. If you know how to modify the Apache web server’s httpd.conf file and have
permission to do so, you can use the DirectoryMatch directive to prevent visitors from viewing
any file in a folder beginning with an underscore.
an underscore. If you know how to modify the Apache web server’s httpd.conf file and have
permission to do so, you can use the DirectoryMatch directive to prevent visitors from viewing
any file in a folder beginning with an underscore.
If you’re not sure how to edit the Apache httpd.conf file or don’t have permission to do so, ask
your system administrator or Internet service provider (ISP) to do it for you. To learn more about
limiting access to files and folders, and other security issues relevant to the Apache web server, see
the documentation supplied with your Apache distribution.
your system administrator or Internet service provider (ISP) to do it for you. To learn more about
limiting access to files and folders, and other security issues relevant to the Apache web server, see
the documentation supplied with your Apache distribution.
Microsoft IIS web servers
To prevent unauthorized users from accessing Contribute administrative folders under Microsoft
IIS, use access control lists (ACLs) to prevent read access by unauthenticated users of the
operating system as well as by clients connecting to IIS. When you use ACLs to restrict access,
only properly authenticated users can view the contents of the Contribute administrative folder.
Anonymous web clients, or other users with access to the server, cannot view the administrative
folder and its contents.
IIS, use access control lists (ACLs) to prevent read access by unauthenticated users of the
operating system as well as by clients connecting to IIS. When you use ACLs to restrict access,
only properly authenticated users can view the contents of the Contribute administrative folder.
Anonymous web clients, or other users with access to the server, cannot view the administrative
folder and its contents.
Note: When setting permissions for Contribute administrative folders, ensure that Contribute has
read/write access to the administrative folders and the files they contain. Contribute uses the settings
in these files to enforce role settings of users connecting to the site.
read/write access to the administrative folders and the files they contain. Contribute uses the settings
in these files to enforce role settings of users connecting to the site.
In addition to securing the administrative folders using the operating system’s permissions and
access control lists, you should consider using UrlScan to further secure IIS web servers. UrlScan
is a security tool provided by Microsoft that screens incoming requests to the server by filtering
the requests based on rules that you create. Filtering requests helps secure the server by ensuring
that only valid requests are processed.
access control lists, you should consider using UrlScan to further secure IIS web servers. UrlScan
is a security tool provided by Microsoft that screens incoming requests to the server by filtering
the requests based on rules that you create. Filtering requests helps secure the server by ensuring
that only valid requests are processed.
To learn more about the UrlScan utility, see the Microsoft website at