A recent update to the backup_migrate module utilizes an .htaccess file to protect the server backups directory from access. Unfortunately, this functionality doesn't work in IIS, and I found that when I tried to make a backup I got the following errors:
- Security notice: Backup and Migrate will not save backup files to the server because the destination directory is publicly accessible. If you want to save files to the server, please secure the 'sites/default/files/backup_migrate/manual' directory
- Could not run backup because the file could not be saved to the destination.
It turns out the solution is quite simple if you have the right directions!
For IIS6 / Windows Server 2003
1. Open IIS Manager
2. Navigate to the sites/default/files directory
3. Right click on the backup_migrate directory and select "Properties"
4. In the box with all the checkboxes, uncheck "Read"
5. Click "Apply", then "OK"
For IIS7 / Windows Server 2008
1. Open Windows Explorer
2. Navigate to the sites/default/files directory or where you've configured your backups to be stored.
3. Right click on the backup_migrate/manual directory and select "Properties". Select the "Security" tab, then click the "Advanced" button.
4. Add / modify the user IUSR and click Deny for "List folder contents"
5. Click "Apply", then "OK"
- In some cases, depending on the IIS settings, the above solution may cause another error saying there is no permission to create or write to the directory "backup_migrate\manual". This problem is hard to fix by changing the directory's permissions. To solve this issue, simply create a "files\private" directory outside your application folder (like c:\files\private...) and grant "IUSR" write permission.
See the original issue on D.O. here: http://drupal.org/node/799304
Note added in 2014:
The current recommended methods for protecting folder access under IIS 7 with Drupal 7 are to add some lines to your web.config file. Instructions on what lines to add are included in the README.txt file accompanying the Backup and Migrate module. A properly configured web.config file should eliminate both the security notice about the folder being publicly accessible and the need to modify IUSR permissions for that specific folder.
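Whichever method you use, it is worth confirming from the outside that the directory is no longer served. The script below is an added example, not part of the original page or of the Backup and Migrate module; the site URL you pass in and the canary file name (e.g. probe.txt, a harmless file you place in the directory yourself) are assumptions.

```python
"""Added example: check that a backup directory is not served over HTTP."""
import urllib.error
import urllib.request
from urllib.parse import quote, urljoin

# Default path is the one named in the module's security notice.
BACKUP_DIR = "sites/default/files/backup_migrate/manual"


def probe(site_url, rel_path, timeout=5.0):
    """Return the HTTP status for site_url/rel_path, or None if unreachable."""
    url = urljoin(site_url.rstrip("/") + "/", quote(rel_path))
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # 401/403/404 are raised as exceptions by urllib
    except (urllib.error.URLError, OSError):
        return None


def exposure(site_url, canary, backup_dir=BACKUP_DIR):
    """Classify how the web server answers for the directory and a canary file.

    Blocking the directory listing alone is not enough: a file whose name is
    known or guessed can still be fetched directly, so both are tested.
    """
    listing = probe(site_url, backup_dir + "/")
    download = probe(site_url, backup_dir + "/" + canary)
    if listing is None and download is None:
        return "unreachable"          # inconclusive, not a pass
    if download == 200:
        return "files-downloadable"   # backups can be fetched by URL
    if listing == 200:
        return "listing-exposed"      # file names are visible
    return "protected"


if __name__ == "__main__":
    import sys
    # usage: python check_backup_dir.py https://your-site.example probe.txt
    print(exposure(sys.argv[1], sys.argv[2]))
```

Run it from a machine other than the web server, without a logged-in session, and remove the canary file afterwards.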