that  local  machine.  For  more  information  on  securing  IIS,  please 

review the IIS documentation.  

Be sure not to allow anonymous access! 

6.  Now  restrict  access  to  the  accounts  you  want  by  using  NTFS 

permissions. Open up Explorer and navigate to the wwwroot subfolder 

under  RemoteModerator  folder  in  the  MailSecurity  installation  path. 

Right click on the `wwwroot' sub folder and select properties and then 

the Security tab. 

7.  Add  /  remove  the  users  /  groups  you  want  to  allow  access  to  the 

Remote Moderator Client. To allow access only to users forming part 

of  the  administrators  group  you  would  set  the  security  tab  as  in  the 

screenshot.  Click  OK.  You  have  now  secure  the  web  based 

moderator. 

Setting the Web based Moderator NTFS permissions. 

If you are using GFI DownloadSecurity: 

You need to exclude the URL of the web based moderator, in order to 

avoid duplicate quaranting of files. To do this: 

1. 

Open  up  the  ISA  Management  console.    Expand  the  Server 

node  where  GFI  DownloadSecurity  is  installed,  and  go  to  the 

Extensions     Web  Filters  sub  node.  Right click  on  the 

DownloadSecurity filter item in the right pane of the ISA Management 

console. 

2. 

In  the  DownloadSecurity  Filter  Properties  dialog  box,  add  the 

domain of the server where you have installed the Remote Moderator 

Client,  to  the  Do  not  scan  these  URL's  list.  Press  the  OK  button  to 

close  the  dialog  box.  This  will  cause  GFI  DownloadSecurity  not  to 

check files on the web based moderator website. 

Quarantining 

 51