Under IIS, is there any easy way to turn off read permissions and just allow "script" permissions for every .cfm file within a site? This would be more secure against bugs like IIS exposing source code (http://www.allaire.com/handlers/index.cfm?ID=15220&Method=Full). I tried turning off read access at the directory level. When I do this, "http://myhost/index.cfm" still works fine, but "http://myhost/" gives a 403 error (Read Access Forbidden), even though my default document is set to index.cfm. And if I enable read access for "index.cfm" nothing changes. It looks like the directory needs to have read access enabled so that "http://myhost/" will load "http://myhost/index.cfm", which seems strange. thanks, Gregory M. Saunders, Ph.D. Senior Design Architect Cognitive Arts Corporation (http://www.cognitivearts.com) 120 S. Riverside Plaza, Suite 1520 Chicago, IL 60606 ------------------------------------------------------------------------------ Archives: http://www.eGroups.com/list/cf-talk To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
