Ask the Expert

What has better file-level security -- Apache or IIS?

What has better file-level security -- Apache or IIS?

Requires Free Membership to View

If you're weighing the choice between Apache and IIS, I can assume you've decided to launch a Web server on the Windows platform. In that case, file security seems like an odd way to differentiate the two services. Generally, people choose Apache or IIS based on the applications they'll be running, their requirement to have access to the source code (Apache) or their need to integrate tightly with the Windows platform (IIS).

For either Apache or IIS, your primary method for securing files should be the operating system: NTFS file security. That'll function the same for either Web server. From there, both Web servers can be configured with filters to restrict paths, files and file types that can be retrieved. For IIS, check out the IIS Lockdown Tool freely available from Microsoft. In a nutshell, my answer is that both platforms provide comparable levels of file security when properly configured and maintained.

This was first published in March 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: