Configuring for Microsoft's IIS version 5 Server

Follow these steps to configure ShopSite to run with Microsoft Internet Information Services version 5. Be sure to go step by step through these instructions, or ShopSite will not work.

Table of Contents

I. Create a User Account for the Merchant
II. Set User Rights for the Merchant
III. Create ShopSite Virtual Directories
IV. Set Authentication Methods
V. Set Access Permissions
VI. Enable Logging

  1. Create a User Account for the Merchant

    2. Each merchant must have a unique Windows user account, and the account name must be the same as the store ID specified in the store.auth file.

    1. Open the Computer Management window by clicking Start® Programs® Administrative Tools® Computer Management.

    2. Click the plus sign next to Local Users and Groups, then click the Users folder.

    3. Click the Action menu, then click New User....

    4. Enter the username and password for the merchant. Fill in the other fields according to the policies for your server. Click Create, then click Close.

    5. By default, the new account will be a member of the "Users" group. If necessary, change the group membership of the account, according to the policies of your server.

    6. Close the Computer Management window.

  2. Set User Rights for the Merchant

    3. If you put the new merchant account in a group that has permission to log on locally, you can skip this section and proceed to Create ShopSite Virtual Directories.

    1. Open the Local Security Settings or Domain Security Settings window by clicking Start® Programs® Administrative Tools® Local Security Policy or Domain Security Policy.

    2. Click the plus sign next to either Local Policies or Domain Policies, depending on whether your server is a standalone server or a domain controller.

    3. Click User Rights Assignment.

    4. In the right pane, double-click Log on locally.

    5. In the Security Policy Setting dialog box, click the Add button to open the Select Users or Groups dialog box.

    6. From the Name list, double-click the new merchant account, and then click the Add button. Click the OK button at the bottom of the dialog box.

    7. The merchant's user account should now be listed in the Assigned To box of the Security Policy Setting dialog box (you may have to scroll the list to see it). Verify that the Policy Setting boxes are checked according to the policies of your server, then click the OK button.

    8. Close the Security Settings window.

  3. Create ShopSite Virtual Directories

    4. Because the ShopSite, Shopping Cart, and images directories are not located under the Web server root, you must create virtual directories that are aliases of the actual directories. You must also set the correct permissions for those virtual directories.

    1. Open the Internet Information Services window by clicking Start® Programs® Administrative Tools® Internet Services Manager (the structure of your Start menu may be different).

    2. Click the plus sign (+) next to your server's name, then click Default Web Site.

    3. Right-click on the shopsite directory.

    4. Select New and then Virtual Directory to start the Virtual Directory Creation Wizard.

    5. Click Next to advance to the Virtual Directory Alias screen. Enter "ss" as the alias for the ShopSite virtual directory.

    6. On the next screen, browse to the C:\Program Files\ShopSite\ss directory, then click Next.

    7. On the next Wizard screen, check the Execute box. Do not check any of the other boxes for access permissions.

    8. Click Nextand then the Finish button.

    9. Repeat steps 3 through 8, but this time use "sc" for the virtual directory alias, and link it to the C:\Program Files\ShopSite\sc directory.

    10. Repeat steps 3 through 6 to create a virtual directory named "images" for the C:\Program Files\ShopSite\images directory. When you get to the screen for setting access permissions, only check the Read box.

  4. Set Authentication Methods

    5. The ss virtual directory must be password-protected and only allow access to the merchant. Other directories must allow access to all Web users.

    1. From the Internet Informatin Services window, click the shopsite directory in the left pane so that the sc, ss, and images directories are visible in the right pane.

    2. Right-click on the ss directory, then select Properties from the pop-up menu.

    3. On the Virtual Directory tab, uncheck the Log visits box, unless you want to track how often the merchants access their stores. ShopSite does not use this information to generate reports.

    4. Click the Directory Security tab, then click the Edit button in the Anonymous access and authentication control section.

    5. Check the Basic authentication box, and uncheck the Anonymous access and Integrated Windows authentication boxes. Click the Yes button when asked if you're sure you want to enable anonymous access. These settings will allow merchants to access ShopSite with their username and password, but will keep others out of this directory.

    6. Click OK to return to the "ss Properties" dialog box, then click OK again to return to the Internet Information Services window.

    7. Right-click on the sc directory, then select Properties from the pop-up menu.

    8. On the Virtual Directory tab, uncheck the Log visits box, unless you want to track customer traffic on the order form. ShopSite does not use this information to generate reports.

    9. Click the Directory Security tab, then click the Edit button in the Anonymous access and authentication control section.

    10. Check the Anonymous access box, and uncheck the Basic authentication and Integrated Windows authentication boxes. These settings will allow customers (anonymous Web users) to access the checkout and order form CGI programs in the Shopping Cart directory.

    11. Click OK to return to the "sc Properties" dialog box, then click OK again to return to the Microsoft Management Console.

    12. Repeat steps 7 through 11 for the images directory to allow anonymous access.

    13. From the Internet Information Services window, right-click the StoreName directory in the left pane, then click Properties. (This directory will contain the store pages.)

    14. On the Directory tab:
      • Make sure that the Log visits box is checked so that IIS tracks customer visits to the store. ShopSite uses this information to generate reports.
      • Enable Read access, but do not enable Write access.
      • Unless it is your policy for your server, do not check the boxes for "Directory browsing" and "Index this resource." ShopSite does not need these features, but having them enabled will not interfere with ShopSite.
      • In the Execute Permissions drop-down list (the bottom of the dialog box), select None to prevent merchants from running any kind of scripts or programs from their store pages. If your hosting policy allows merchants to include scripts or CGI programs in their stores, make the appropriate selection. These settings for the store's HTML output directory are not related to the settings for the ShopSite and Shopping Cart CGI directories.

    15. Click the Directory Security tab, then click the Edit button in the Anonymous access and authentication control section.

    16. Check the Anonymous access box, and uncheck the Basic authenticationt and integrated Windows authentication boxes. These settings will allow customers (anonymous Web users) to browse the store's pages.

    17. Click OK, then click OK again to return to the Internet Information Services window.

    18. Close the Internet Information Services window.

    This table summarizes the IIS settings for ShopSite virtual directories:

    Virtual Directory Alias Physical Path Access Permissions Authentication Method
    shopsite/ss C:\Program Files\ShopSite\ss Execute (including Script) Basic Authentication
    shopsite/sc C:\Program Files\ShopSite\sc Execute (including Script) Anonymous Access
    shopsite/images C:\Program Files\ShopSite\images Read only Anonymous Access
    StoreName
    (not a virtual directory)    		 C:\InetPub\wwwroot\StoreName Read only Anonymous Access

  5. Set Access Permissions

    6. In addition to configuring Web server access and authentication, you must configure directory access permissions through Windows Explorer.

    1. From the task bar, click Start® Programs® Accessories® Windows Explorer.

    2. Browse to the ShopSite directory, which the Standard install put at c:\Program Files\ShopSite.

    3. Right-click on the ss directory in the right pane, then select the Properties option.

    4. Select the Security tab.

    5. If "Everyone" appears in the Name list, select it and then click the Remove button (unless it is the policy on your server to allow everyone access to all directories).

    6. Click the Add button to open the Select Users, Computers, or Groups dialog box.

    7. Scroll down the Name list and select the merchant account that you created earlier.

    8. Click the Add button.

    9. If you want Windows Administrator accounts to have access to this directory (generally a good idea), select the "Administrator" account or "Administrators" group and click the Add button.

    10. Select the Internet Guest Anonymous Access account and click the Add button. The name for the anonymous account will usually be IUSR_ServerName.

    11. Click OK.

    12. In the ss Propertiesdialog box, be sure that the merchant account name is selected, then click the Full Control checkbox. Do the same for the Administrator account or group.

    13. Select the Internet Guest Account and set all permissions to Deny.

    14. Click OK to exit the Properties dialog box.

    15. Repeat the above steps to set the permissions on all ShopSite directories to match this table (the Administrator account should always have Full control):

      Directory Merchant Access Type Internet Guest Access Type
      C:\Program Files\ShopSite\ss Full control Deny everything
      C:\Program Files\ShopSite\sc Full control Modify
      C:\Program Files\ShopSite\images Full control Read
      C:\Program Files\ShopSite\data\StoreName Full control Modify
      C:\InetPub\wwwroot\StoreName Full control Read

  6. Enable Logging

    7. To view the Web Server statistics (hits, pages viewed, etc.) from ShopSite, the server log format needs to conform to the NCSA format. Follow these steps to set the logging format.

    1. Open the Internet Information Services window by clicking Start® Programs® Administrative Tools® Internet Service Manager.

    2. Click the plus sign (+) next to your server's name.

    3. Right click on Default Web Site, then click Properties.

    4. Ensure that the Enable Logging box is checked.

    5. Select NCSA Common Log File Format for the Active log format.

    6. Click OK.

    Note: You must configure each ShopSite store to read the log file from the appropriate directory. If the NCSA Logging Properties are set to rotate the log file, you must reconfigure ShopSite each time the log file name changes. An alternative solution is to have a program automatically append the contents of the current log to a known file before a new log file is created, and configure ShopSite to read from the known file.