I have a Windows 2008 R2 server with IIS7.5 installed. I need to provide users with read-write access to some directory tree via WebDAV. The same users will also be able to reach the same directories by other means - FTP, SFTP, CIFS, etc.
My aim: I don't want someone to be able to upload / modify web.config files in the published folders, thus modifying behavior of IIS. If such file is created, IIS should simply treat it as any other file.
Is it possible to concentrate all settings for the site in the applicationHost.config or in any other file outside the published tree, and make IIS ignore any additional web.config files?
Thanks!