Advertisement

04.30.2008 at 05:31PM PDT, ID: 23367337
[x]
Attachment Details

Possible to prevent a user from typing in the direct path to a file on an IIS hosted website?

Asked by amichaell in Microsoft IIS Web Server

Tags: , , , ,

I've a site I'm trying to set up on a Windows 2003 Server using IIS6.  It has a MySQL database with a front end written in PHP.  Users are authenticated via account details in the database rather than through the server's local users.  They are authenticated through HTML forms, which are passed to a PHP function for authentication against the database.

The problem I'm having is that you can still type in the full path to a file if you happen to know it (e.g. http://www.mysite.com/somefiles/dir1/myfile.pdf).  Doesn't matter how, or if, you are authenticated against the database.  I'm not sure of how to overcome this.  I can restrict NTFS security on the site for the IUSR account, but then no one can read the file.  

Anyway, hopefully this is a simple problem to overcome and I'm just overlooking a simple solution.

Thanks,

Michael
Start Free Trial
 
Keywords: Possible to prevent a user from typing i…
Title
1 Unable to get PHP on Windows 200…
2 How to setup PHP on IIS 5.1
3 PHP with IIS6 and MySQL
4 Restore IUSR
5 Troubleshooting PHP on IIS 6
6 PHP sessions only work locally - IIS …
 
Loading Advertisement...
 
[+][-]04.30.2008 at 05:52PM PDT, ID: 21475757

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 07:55PM PDT, ID: 21476274

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.30.2008 at 08:21PM PDT, ID: 21476329

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]05.01.2008 at 07:42AM PDT, ID: 21479073

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.02.2008 at 07:23PM PDT, ID: 21491054

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Microsoft IIS Web Server
Tags: Microsoft, IIS, 6, PHP, Internet Explorer
Sign Up Now!
Solution Provided By: meverest
Participating Experts: 2
Solution Grade: A
 
 
[+][-]05.05.2008 at 04:48AM PDT, ID: 21499242

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.05.2008 at 11:04AM PDT, ID: 21501763

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]05.05.2008 at 11:15AM PDT, ID: 21501849

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628