We have many users on our servers who allow uploads in one form or another, from the users who browse their sites. It is to be remembered that by default all folders have execute permissions what that means is that if you are not doing any checking on the file types being uploaded to your webspace you are in for a site defacement. Anyone could then upload an asp/php etc file and play with files in your webspace.

Follow the following to steps if you want to increase security for upload folder(s)

1. Do some kind of file type checking, only allow what is required.

2. Open a ticket with us with the following information

Domain Name:
Uploads Folder:

And ask the tech to remove execute permissions from that folder through IIS.

Good Luck!

Well if there are no execute permissions at all then you will not be able to run anything at all and for every new site you will have to open a ticket, frustration all around :)

The second idea is very good of allowing the customers to do it but again this thing is limited by the control panel that we are using, it does not allow the customers to do that.

So the best solution that came to my mind was to ask the customers if they want extra security just open a ticket and we are fast at tickets arent we :)