Sites run in ASP are typically less secure by default. That doesnt mean the whole server, but the actual sites. With windows you have to be very careful the the permissions you allow the ASP user to have. Plus, php scales better and is cheaper to host. This is a great script! I run it on an IIS 7.5 windows server.