to explain my purpose, this example of a directory structure:
The domain "example.com" has "C:\www\" as home directory, and the domain "member.example.com" has the home directory "C:\www\folder-1".
I want all clients, who connect with the "exmaple.com" to the ISS-Server have NO access to "C:\www\folder-1".
But if I connect with "member.example.com", I should have access.
PS: I'm using WordPress and want to "hide" the wp-admin folder.
In order to have both domains respond you would need to setup two websites in IIS, one for each host header with the home directories as described.
Then turn on authentication of some type (forms, integrated windows etc.) and ensure via your chosen authentication scheme that users have desired access to the website.
For the task of 'hiding wp-admin' you can take a look at this blog post relating to such a task on an IIS server or google on your own.
Don't do that.
Have the Member site exist outside the folder structure of the other site.
Otherwise, you're complicating your virtual vs physical site layout, and this can lead to problems, misconfigurations and exploits.
On its own, it's arguably a misconfiguration.
Instead, use completely separate folder structures for each website root:
C:\WwwFiles\ExampleSite -> www.example.com
C:\WwwFiles\Members -> members.example.com
Define each website as its own entity in IIS manager, pointing to the relevant path (using host headers if necessary).
This maintains both physical and logical site isolation, and avoids people being able to traverse the same directory structure for example.com to get into Members, without having to remember to secure it (or do stuff like Hidden Segments in URL Filtering, which would also do that).
