HOW TO: Create an FTP Folder with Read Access but Not List Access


This step-by-step article describes how to set up File Transfer Protocol (FTP) folders on an Internet Information Services (IIS) Web server so that a user can access files when the user knows only the file name and the folder contents are not listed.

Create the FTP Folder

  1. Create a folder that you want the FTP service to point to.
  2. Right-click the folder, click Properties, and then click the Security tab. Grant Full Control permissions to only the Administrators group.

    NOTE: Remove the Everyone group if it is present.
  3. Click Advanced, and then click Add to add a new rule.
  4. In the account selection list, double-click the Anonymous User account or the group that is used for FTP access.
  5. In the Apply Onto drop-down list, select Files Only.
  6. Click to select Allow for the following permissions:
    • List Folder/Read Data
    • Read Attributes
    • Read Extended Attributes
    • Read Permissions
  7. Click OK.
  8. Click Add to add another rule.
  9. Select the account that you selected in step 4.
  10. In the Apply Onto list, click to select This Folder only.
  11. Click to select Allow for the following permissions (note that List permissions are not listed):
    • Create Files/Write Data
    • Create Folders/Append Data
    • Write Attributes
    • Write Extended Attributes
    • Read Permissions
  12. Click OK until you have closed all of the property windows.

    Note If you apply these permissions to an existing folder or to existing files, you click to select the Reset permissions on all child objects and enable propagation of inheritable permissions check box before you click OK.