Protecting files

23 Dec 2005 7:59 PM

tshad

How would I protect all my files from someone getting access to my
asp,htm,gif,jpg etc. files?

I can protect my .aspx files using Forms Authentication and dropping the
following in my specific folders.

<configuration>
<system.web>
    <authorization>
      <deny users="?" />
      <deny users="tSmith" />
    </authorization>
</system.web>
<location path="default.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
</location>
<location path="addLogin.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
</location>

But this only seems to work with aspx files

Thanks,

Tom

23 Dec 2005 9:58 PM

Spam Catcher

"tshad" <tscheider***@ftsolutions.com> wrote in news:OLls0t$BGHA.1288

@TK2MSFTNGP09.phx.gbl:

> How would I protect all my files from someone getting access to my
> asp,htm,gif,jpg etc. files?

In IIS, you need to map all document types to the ASP.NET ISAPI filter. I
think by default only ASP* file types are mapped to it.

--
Stan Kee (spamhoneypot@rogers.com)