For purposes of basic security, the initial default has the server enabled only while in the File Server View dialog, but with no access limitations. This default limits the timeframes during which the server is open or vulnerable to access, but still keeps things easy enough for a new user to get started transferring files. Read the following section to better understand some of the security implications of having the file server active.
Although the WebDAV protocol is a standard, different WebDAV servers and clients may have implementations that differ from the standard in one or more ways that can sometimes make interoperability difficult. As such, it is possible that one or more WebDAV clients may not work with the iSilo™ WebDAV file server.
However, once you are successfully able to transfer files using the initial default settings, you are encouraged to add password protection to the server. But taking into consideration possible interoperability difficulties, it is altogether possible that although you may be able to successfully transfer files with no password protection, you might find that adding password protection makes it impossible to transfer files.
iSilo™ provides a number of different options in the File Server View dialog for customizing when the server is active and what types of access restrictions to impose.
Because the above settings also limit access to the Public folder, it means that once you transfer files to the device, you should move those files to a folder outside of the Public folder. If you transfer files from the device, you must of course place the files in the Public folder first before you can copy them from the device using a web browser or WebDAV client, and then after copying the files, delete them from the Public folder. By limiting access to the Public folder, if anyone should be able to guess your user name and password, they would only be able to access files in the Public folder. This latter point implies that you should never leave any private files in the Public folder for any length of time beyond that needed to transfer them.
Setting the option to not allow web file listings prevents someone who does guess your user name and password from getting a listing of your files using a web browser. Although it would not prevent that person from downloading a file from the Public folder if the person knew the name of the file.