The Anonymous user is used for public access (browsing) to your web Site. Anonymous access is the most common web site access control method. It allows anyone to visit the public areas of your web sites while preventing unauthorized users from gaining access to your web server's critical administrative features and private information.
Here is a way Microsoft explain who the Anonymous user is:
|For example, if you imagine your Web server as a museum, enabling Anonymous access is like inviting the public to visit the museum's public galleries and exhibits. However, you would probably lock particular rooms, such as offices and laboratories that you did not want the public to visit. Similarly, when you configure Anonymous access for your Web server, you can apply NTFS permissions to prevent ordinary users from accessing private files and directories.|
We recommend setting the access level for the Anonymous user to Read, unless you do not need to write files in a particular directory, for example where the database file is located.
In case you use database files, the Anonymous user should be granted Change permission to the directory. You should be very careful here: granting anonymous user "change" access to the web server root directory (Htdocs) allows anyone to connect to your virtual server and modify files. That is why we strongly recommend that all users place databases in the /Database directory in the virtual server root (one level above /Htdocs) for additional security.
You may still need to temporarily allow Change permission for Anonymous user when installing some applications on your web site. In case you need to allow Write (Change) permissions for the Anonymous user, please submit the Write Access For Anonymous User via the Extended Services portal.
Read our knowledge base article on How Do I Manage User/File level permissions? for more information on how to manage access permissions.