Simple Security Problem

Results 1 to 2 of 2

Thread: Simple Security Problem

  1. #1
    Rob Allen Guest

    Default Simple Security Problem

    Hi, <BR><BR>This is probably very easy but I&#039ve been unable to find out this information.<BR><BR>We have an NT asp project hosted externally. Within our root directory we have an access database name.mdb - which contains some customer information. Now if someone goes onto the site and types in URL/name.mdb then they can download the database - we do not want this to happen. What&#039s the simplest method of ensuring that no one can download the database - I&#039ve heard there are ACL files which control permissions or is this something you can manage with frontpage.<BR><BR>Thanks in advance <BR>Rob Allen

  2. #2
    olav Guest

    Default RE: Simple Security Problem

    I&#039ve had the same problem and came up with the following solution:<BR><BR>1 Through FTP make 2 new directories in the FTP-root: &#039databases&#039 and &#039www&#039<BR>2 Copy your complete website to the &#039www&#039-directory and your database to &#039databases&#039<BR>3 Ask your hosting-provider to change the webroot to the&#039www&#039-directory<BR><BR>This way the database is outside the webroot and inaccessable for visitors and you have still access to it through your FTP-account and the ASP-pages. (Don&#039t forget to change the access-strings in your ASP-pages to point to the new location of the database or have the DSN&#039s changed if that&#039s the way you set it up initially)<BR><BR>Note: If your hosting-provider is not willing to do this, then find another one which will. It takes them only 1 minute to change this. (had problems with one before and changed to another one myself).<BR><BR>Hope this helps !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts