A Web site is an effective resource for sharing files and information with users on your local network, on the Internet, or both.

But in some cases, you might need to allow only authorized users to access certain portions of a Web site. For example, you might want to make sensitive documents available to a select group of users or post information about a confidential project only to those people working on the project.

Enabling authenticated access to a portion of a Web site is relatively easy. Follow these steps:

1. Create a folder on an NTFS volume that contains the files for the secure portion of the site, and configure NTFS permissions to restrict access based on individual accounts or a group. Place the content (documents, Web pages, etc.) in the folder.

2. Open the IIS console, right-click the virtual server, and choose New | Virtual Directory. Create a virtual directory that points to the new folder using the Virtual Directory Creation Wizard.

3. In the IIS console, right-click the newly created directory, and choose Properties.

4. On the Directory Security tab, click Edit, deselect the Anonymous Access option, choose one or more authentication methods from the Authenticated Access group, and click OK.

5. Click OK to close the server's properties, and close the IIS console. Browse to the virtual directory in your Web browser to verify that it prompts you for a username and password to access the directory.

There are other means of controlling access to a portion of a Web site, but these require code development for the site. Disabling anonymous access and controlling access with NTFS permissions requires no Web development capability, and it's the quickest solution