views:

28

answers:

3

How to restrict folder access in asp.net like i dun want any other to see my Uploads folder in browser by link http://www.myweb.com/Uploads

Please help

+1  A: 

You should add a web.config file to said folder and put an <authorization> tag in the file, as described here.

klausbyskov
A: 

You can manage folder browsing in IIS settings.,

  • Open IIS Manager and navigate to the folder you want to manage.

  • In Features View, double-click Directory Browsing.

  • In the Actions pane, click Enable/Disable.

This is for IIS7.

you can also use commandline for this.

 appcmd set config /section:directoryBrowse /enabled:true|false

Hope this helps...
Happy Programming,

Vimal Raj
+2  A: 

You can do like @klausbyskov mentions, to add <authorization />'s to the root web.config, like:

<location path="Admin">
    <system.web>
        <authorization>
            <allow roles="Administrator"/>
            <deny users="*"/>
        </authorization>
    </system.web>
</location>

or you can add a web.config to the folder where you want to allow/deny access with the following content:

<?xml version="1.0"?>
<configuration>
    <system.web>
        <authorization>
            <allow roles="Administrator"/>
            <deny users="*" />              
        </authorization>
    </system.web>
</configuration>

Of course replace the <allow /> and <deny /> with you own rules

veggerby