How To Deny Access To File But Allow Server | ansaurus

tags:

views:

29

answers:

2

Q:

How To Deny Access To File But Allow Server

I have a web application that has a configuration folder that houses multiple XML files that are configuration settings for multiple "portals" as you will. I need IIS to have access to them so the "portal" loads (sql connection strings, master page paths) but I want to deny any outside access (url browsing). Here's an example below:

http://www.mywebsite/virtualdirectory/configurationdirectory/configfile.xml

I need to restrict access to this file if you're browsing to it but still allow the system access to it so it can parse the "portal" that it's loading.

Any ideas?

+1 A:

You could do this with a rewrite rule

You can also do this with a Request Filtering rule

Conrad Frix 2010-10-14 17:58:52

Thanks so much Conrad!!! The Request Filtering is EXACTLY what I wanted!!

Keith 2010-10-14 18:29:31

A:

If the website doesn't need to serve XML files to the end user then remove it as a MIME type.

notandy 2010-10-14 18:03:06

This DOES cure the problem that I'm having but I went with Conrad's answer because I might want to serve XML files in another directory and/or setup security different. If I remove it as a MIME value, then I can't access it anywhere. But, thanks for the answer. This works too!

Keith 2010-10-14 18:32:34

No problemo. You could also remove the MIME value for just that folder.

notandy 2010-10-15 15:08:49

related questions

Is it better to create Model classes, or just stick with generic database utility class?

What are effective options for embedding video in an ASP.NET web site?

Visual Studio 2008 debugger already attached work-around

Tracking state using ASP.NET AJAX / ICallbackEventHandler

ASP.NET Display SVN Revision Number

ASP.NET URL Rewriting

How can I change the background of a masterpage from the code behind of a content page?

Easy way to AJAX WebControls

How do I define custom web.config sections with potential child elements and attributes for the properties?

ASP.NET MVC "CRUD" Database Sample

Are Multiple DataContext classes ever appropriate?

How to RedirectToAction in ASP.NET MVC without losing request data

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP.NET built in user profile, Vs old stile user class/tables

What's a good book for learning ASP?

Bandwith throttling in IIS 6 by IP Address

ASP .Net Custom Client-Side Validation

How to get the value of built, encoded ViewState?

Decent, simple, GIS/mapping component for ASP.NET?

Checklist for IIS 6/ASP.NET Windows Authentication?

How to write to Web.Config in Medium Trust ?

ASP.NET, Visual Studio and Subversion - how to integrate?

Floating Point Number parsing: Is there a Catch All algorithm?

How do I sync the SVN revision number with my ASP.NET web site?

ASP.NET Site Maps