My php website allows authorised users share documents by uploading and downloading documents to a document library.
I want to store the files encrypted on the server, and I am trying to use EFS, instead of explicitly encrypting/decrypting in php code on upload/download.
Server is windows server 2003/IIS
I have created a new user on my server, logged on as this user, then encrypted the folder containing the documents using EFS.
I now want to IIS to run my web application as so it can view the encrypted documents. However I am having trouble with this, as doesn't have all the permissions it needs, for example to write session files.
The other approac I have tried is to keep my website running under IUSR_Machine_Name built in user, and getting php to present user credentials when it wants to open a file for streaming, however, I'm stuck with this too.
Looking for advice on:
- Is EFS the right approach?
- What permissions would need for IIS to use it to run my web application?
- Is there any way in php to expicitly present user credentials at the point where php function fopen accesses my EFS encrypted files?