Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeGetting StartedGetting StartedInstalling DNN ...Installing DNN ...SQL Server connection- install of DNN 4.00.02 with SQL Server 2005 and Windows server 2003SQL Server connection- install of DNN 4.00.02 with SQL Server 2005 and Windows server 2003
Previous
 
Next
New Post
3/7/2006 7:01 PM
 
k w

Joined: 2/8/2006
Posts: 40

hooligannes wrote
Each site that points to the same DNN code will share the same DB.

That being the case, every website on a server that wishes to run its own DNN, will also require it's own separate folder for the code. This renders the default "C:\DotnetNuke" a moot point and probably not even a good idea. Installing the DNN code within the folder structure for the respective website(s) probably makes more sense, especially if website admins already have appropriate permissions set for those folders.

The tricky bit is that DNN seems to require Write permissions for the Network Service account. I'm not sure that's a very good idea, but maybe I'm worried about a non-issue.

I'm guessing that it is probably a bad security pratice to make the DNN folders browseable and readable, although I don't know for certain how IIs handles that if the folder is also a virtual directory target.

This suggests that integrated windows authentication might be the best choice of security, handling DNN changes and SQL connection. That should minimize server/user administration. Potentially, on a large DNN installation, a user group might be justified, if there are multiple administrators.

Lots of things to consider here! Is there a document (or good book) that delves into the security best practices peculiar to DNN, or would a generic dotnet security guide be good enough?

 
 
New Post
3/7/2006 8:23 PM
 
Néstor Sánchez


www.nestorsanchez.net
Joined: 11/15/2003
Posts: 1986

You are confised about the proper set of permissions needed and what they are for. This is something that pertains to IIS and APS.NET and not DNN. Any web application that writes to the file system requires some kind of permission. DNN implements the setup in case, to leverage ASP.NET best practices. In fact DNN applies best practices, to follow recommendations from MS and others whenever possible. These practices, liberate module developers from some of those pesky security tasks.

You can post more questions about DNN security to Cathal Connolly, who has extensive experience in security issues and topics. The best place to do that is perhaps the "Let's Chat About It" forum. On top of that, read the material Microsoft has on security for developers. There's plenty of info in the miriad of MS sites, MSDN has specific information as well as tutorials and webcasts.

Do you know the truth when you hear it?
Néstor Sánchez
The Dúnadan Raptor -->Follow Me on Twitter Now!
 
New Post
3/14/2006 11:05 PM
 
Nathan Westby

Joined: 4/11/2005
Posts: 1
Thank you. Thank you.

Like many others, I've spent the last two days trying to install DNN on my dedicated W2K3 Server without success. My problem seemed to be that I also have PLESK 7.5.6 installed and that utility is what I used to create the domain's website. So, Plesk manages and creates many other windows user accounts to run the web processes. I finally found that I needed to give modify,read, write rights to the IWAM_plesk(default) user account. Your steps above though are right on and for some reason made more sense to me than the documentation.
 
New Post
3/19/2006 8:22 PM
 
David Osborn

Joined: 3/15/2006
Posts: 8
I followed these steps and got a lot farther that I have before.  I was able to access the DNN site through the Visual Web developer built in web server while it was running, but I still cannot access the site through IIS.  I setup a virtual directory to point the the folder that the website was saved into.  If I do http://localhost/MYWEBSITE/  I get page cannot be displayed.  If I do http://localhost/MYWEBSITE/default.aspx I also get page cannot be displayed.  If I do http://localhost/MYWEBSITE/403-3.gif I do get the gif file to appear, so I am assuming that it has something to do will aspx pages. 

Thanks in advance for the help!
 
New Post
7/7/2006 12:34 AM
 
David Lumley

www.go-real.net
Joined: 5/3/2006
Posts: 107
I dont know if this is relevant - I had similar issues on a server insall I carried out but had luckily seen a piece about setting the asp.net access in the directory which seemed to help
see 4 in DotNetNuke intallation pdf
Dave DNN 4.3.5 IIS - 6 ?? SQL Server 2005
 
 Page 6 of 6
Previous123...56 
Previous
 
Next
HomeHomeGetting StartedGetting StartedInstalling DNN ...Installing DNN ...SQL Server connection- install of DNN 4.00.02 with SQL Server 2005 and Windows server 2003SQL Server connection- install of DNN 4.00.02 with SQL Server 2005 and Windows server 2003


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out