Web user able to view contents of the folder

I have a webpage the uses a folder structure such as


when I type in

I am able to see all the pages tha tin that folder.  THis is a MAJOR security risk, being some of the pages are for administrators.  Any help?  I am using IIS 6

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shane Russell2nd Line Desktop SupportCommented:



Other then that just set the security settings for the folders you do not want other users to be able to access / view.

Let me know if these help you out any :)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ralf KlattEmployee in Civil ServiceCommented:

You'd probably better place your IIS question at http://www.experts-exchange.com/Web/Web_Servers/IIS/

The links Gecko provided will give you lots of information ... as a small addon to Gecko's suggestions have a look at the Access-Control Process: http://www.microsoft.com/resources/documentation/IIS/6/all/techref/en-us/iisRG_SEC_19.mspx

If this is also about disabling certain applications on IIS level you might find this suggestion useful:
Please open your IIS Service Manager and expand the "Main Site" tree ... there you choose the site you're up to modify, right click and select "Properties ...

Screenshot: http://www.vb-development.de/exex/YourWeb_Properties.jpg

... on the virtual directory tab you choose "Configuration" ...

Screenshot: http://www.vb-development.de/exex/application_configuration.jpg

... there you'll find "Extension", "Executable Path" and "Verbs" (the screenshots are of IIS5 because my DC has an English OS, on my clients I only have German IIS6 versions running -> but that specific part is equal from IIS5 to IIS6!) ...

Best regards,
Shane Russell2nd Line Desktop SupportCommented:
Raisor strikes again LOL J/K. Anyway I hope our suggestions help you out !
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.