Two questions I would like to ask, hope don't mind. <BR>Q1: I have online application running on a WIN2000AdvancedServer machine, which I didn't install any firewall programs or anything. What can I do to increase the security level on the server and more protection on the online application? Appreciated for any comments!<BR>Q2: People can simply view the source of the online application interface, and find out the asp process file (Let say is process.asp). They can type in http://www.yahoo.com/process.asp, and add a empty record to the database. How can I prevent this? Can I use: <BR><BR>if Not(noi=" ")<BR>then response.redirect ("http://www.yahoo.com/index.asp")?<BR><BR>And Is it possible to prevent people from view my page source?<BR>Again, I really appreciated for any comments! Thanks!!!