Protecting files on a web server

Results 1 to 2 of 2

Thread: Protecting files on a web server

  1. #1
    Join Date
    Dec 1969

    Default Protecting files on a web server

    I have a password protected site. The other day, to my horror, I discovered anyone can download files if they know the full path to them. We will soon be accepting subscriptions to our site, with the subscriber having the ability to download technical manuals by clicking on a hyperlink.<BR><BR>I read an interesting article on protecting .mdb files provided by this site at, which I am taking to heart. However, if the same procedures are taken to protect a .pdf file from being downloaded by knowing the path to it, can the member with a username and password still click on a hyperlink and download the file they want?<BR><BR>Regards, shawn

  2. #2
    Join Date
    Dec 1969

    Default Atrax has done it for you... ASP.<BR><BR><BR><BR>The trick is that you put the files in some directory that is *NOT* part of the Virtual Directory. The web server can *only* serve up files that are in a virtual directory. (If that weren&#039;t true, don&#039;t you imagine that every hacker in the world would be reading every file on your computer???)<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts