What has better file-level security -- Apache or IIS? If you're weighing the choice between Apache and IIS, I can
assume you've decided to launch a Web server on the Windows platform. In that case, file security seems like an odd way to differentiate the two services. Generally, people choose Apache or IIS based on the applications they'll be running, their requirement to have access to the source code (Apache) or their need to integrate tightly with the Windows platform (IIS).
For either Apache or IIS, your primary method for securing files should be the operating system: NTFS file security. That'll function the same for either Web server. From there, both Web servers can be configured with filters to restrict paths, files and file types that can be retrieved. For IIS, check out the IIS Lockdown Tool freely available from Microsoft. In a nutshell, my answer is that both platforms provide comparable levels of file security when properly configured and maintained.
Dig deeper on Enterprise Infrastructure Management
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.