There are many sources that say that the %SERVERROOT%/inetpub/ must never ever be deleted or moved. And yes, I can agree with this, as updates to IIS update that directory blindly — they don’t actually query the system to see if the IIS inetpub directory is hosted elsewhere.
However, one can always leave that directory, and simply have web sites hosted elsewhere — one can always set the HTTP root for any site to anywhere on the system, especially a location on another drive. This, in particular, makes directory traversal attacks much more difficult.
With that said, has anyone had success both moving the inetpub directory as well as leaving it where it is at the same time? To be specific, I am looking to physically move the entire inetpub directory to D:\, but then create a symlink from C:\inetpub\ to D:\inetpub. I would like to know if anyone else has done this, and if the symlink (a hard link, /J, to be specific) was successful or not.
The target system is IIS on Windows 8,1. The eventual target will be IIS on Win2K12R2, or the Win2k16 (if it drops before our servers get rebuilt).
Best Answer
There's no need to create a symlink. You either move all your sites to another drive and change the paths directly from IIS, or change the paths via cmd line (registry edit) - see the link at the end of the message on how to do it.
The only problem is that the original directories need to stay, otherwise the next KB update that would try to update some files in that location, will fail. Of course, the probability of a KB update that needs to do this is very very low.
Link: http://blogs.iis.net/thomad/moving-the-iis7-inetpub-directory-to-a-different-drive
EDIT: Forgot to answer your question about the symlink, if it works or not. If you're thinking that symlinks in Windows work the same as in Unix - as I expected myself and also pointed out by MSDN article (see link in my 1st comment) then you are very wrong. In Unix you might trick your webserver to follow symlinks, but in Windows, the IIS does not. There is an alternative solution, though - see the link for it in my second comment.
Sorry to post the links like that but, this great website does not allow me to have more than 2 URL links in my comments...