Sorry in advance, for this seems to be a very noobish question and should be easily fixable, yet I can't work it out: I am setting up windows authentication for a website running on IIS 8.5: The Yii framework of the website takes input like http://localhost/mywebsite/index.php/site/loginand processes it, using the "login" action of the "site" Controller. I flipped on URL Rewrite to have nicer URLs, leaving the URL with /mywebsite/site/login. Now I need to set up windows authentication for this location. Very specifically ONLY for this very exact location. Only the /site/login location of mywebsite needs to have authentication. Every other location needs to have anonymous. Since it is a "virtual location", I don't know how to do it. I can set up win-auth for files, directories, virtual directories, etc. but not for virtual locations that do not map to any file but only to a Controller/Action in Yii. The working counterpart in Apache is but i can't "translate this into IIS". I have read that IIS does have the "~" symbol but I just couldn't make it work yet. Could it be used to achieve authentication on a location basis? I have looked around virtual directories as well, which seem to simply be a kind of "symlink" to actual folders on the harddrive. Can they be used differently to "create a virtual folder in a location that doesn't really exist to manage its properties"? Help is much appreciated.