I did a clean server installation.
OS Version: Microsoft Windows NT 6.3.9600.0
Web Server Version: Microsoft-IIS/8.5
.NET Framework Version: 4.0.30319.42000
ASP.NET Identity: IIS APPPOOL\xxxxx
Host Name: -
Site URL: -
Relative Path: /
I have created a separate application pool identify, set it as follow: (Identity = ApplicationPoolIdentity, Load User Profile = True )
Next, I set the Folder Permission (read, write, list) for D:\HostingSpaces\xxxxx\wwwroot using the application pool identity.
Unfortunately, the Analyzer still showing this, what did I miss?
|CheckDiskAccess : Checks extra drives/folders access permission outside the website folder
Hackers could access drives/folders outside the website
D:\HostingSpaces\xxxx - Read:Y, Write:Y, Create:Y, Delete:N
D:\HostingSpaces - Read:Y, Write:Y, Create:Y, Delete:N
D:\ - Read:Y, Write:Y, Create:Y, Delete:N
C:\ - Read:Y, Write:Y, Create:Y, Delete:N
E:\ - Read:Y, Write:Y, Create:Y, Delete:N
One more thing, in the dnn host dashboard, I saw CAS permission to be "ReflectionPermission, WebPermission, AspNetHostingPermission"
is this normal?
Thank you for your kind help.