Hello,

I'm trying to do some research into finding out the best way to make a secure website that has FTP capabilities to update the information on this site, but it has to be secure of course for HIPPA.

Does anyone know if ISS provides this type of capability? We already have a secure license to make payments.

If anyone has any experience with this, would you mind offering some help?

IIS isn't able to have Secured connections to FTP.

The most secure way is unplug it. Sorry but the risks are what they are risks. You would be best to segergate the network with a DMZ and dual nics in the machine. Then create its own Windows Domain for Internet facing machines (Excluding Exchange).

You could purchase secure FTP server or such but the facts are FTP isn't the greatest method of transfering data securely. Your best method is HTTP post of SSL.

Your best method is HTTP post of SSL.

Sounds good. How would one go about this? If you don't mind...

I am saying this jsut to be anti-windows, but IIS has a long history of security faults. I have never heard of any security faults with say Pro-FTPd, but that is generally Linux package.

Lets not start that again. Thats like the Mac's saying they are secure just because they are mac;s fact is that its the most widely used operating system and that is going to bring more viruses and security issues.

Sounds good. How would one go about this? If you don't mind...
you have to buy a SSL license, verisign comes to mind. then have the server setup to you can use https instead of http. you will need to write your own scripts to upload stuff if that is what you want.

That is correct or install the Certificate Manager and issue your own keys.

afterburn, Pro-FTPd is a primarily a Linux package, and Linux by design has been proven to be more secure than Windows on so many different places, and don't given all the **** about Windows been more used. The majority of websites are powered by Linux, how come you never heard of any really major virus's for that. I quite happy if you wish to go into great detail as to the evidence as to why Linux packages are less likely to get hacked - and they are a damn site less likely to get hacked if you setup your system properly.

jatos, if the user doesn't have a choice then linux is out of the question. hence why they posted in the windows forum.

I was originally just telling him to avoid IIS, but when athalus gave what in my mind is a load of rubbish about why Windows is really more secure I wasn't going to let it go easily.

Anyway its just occured to me, Xitami pro may have what you are looking for, www.xitami.com