Just having an arguement with support at our web hosts.
It is hosted on a Windows server, unfortunately.
The admin area of the site's CMS was password protected, using (I assume) IIS's directory protection (same kind of thing as .htaccess).
Looking at the site yesterday, and it is no longer password protected. (Obviously not good - exposing all the site's content to hAcKKeRs or anyone who fancied changing news, deleting all the databases, etc)
Contacted support, and re-enabled it, and to find out what went wrong. They claim:
Quote:
|
All windows server a prone to loose the permissions settings. It happens all the time that is why all the hosting companies even design the tools for resetting permissions to the intitial ones for all sites hosted on windows.
|
Anyone experienced this before??
I know MS software if full of security holes, but routinely suddenly 'forgetting' to password protect a directory can't be right?
It sounds like support at bullsh*tting me - anyone got a 2nd opinon??
Cheers