I have a subdirectory in my root folder by the name files. I want to deny direct access to files under this directory. However my application can read and write to this directory programatically.
+2
A:
If possible try to locate the files under the App_Data folder, which is intended as a store for data files that are used by the web application but not served directly to the users.
Fredrik Mörk
2009-08-12 11:12:06
+1
A:
in web.config, you can set up authorisation on the sub-directory
<location path="name of subdirectory">
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</location>
As Fredrik points out, the App_Data folder may be a better place to put these files. What type of files are they?
Russ Cam
2009-08-12 11:12:58
I have a bin folder not App_Data. I have used it and got the result i was waiting for.
Manjoor
2009-08-13 11:27:14
you can add an APP_DATA folder by right-clicking the project > ADD > Add ASP.NET folder > APP_DATA
Russ Cam
2009-08-13 11:31:53
This article may be of use to you - http://msdn.microsoft.com/en-us/library/ex526337.aspx
Russ Cam
2009-08-13 11:35:06
A:
Add to your web.config section
<location path="YourPath">
<system.web>
<authorization>
<deny users="*" />
</authorization>
</system.web>
</location>
Dewfy
2009-08-12 11:13:44