Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Security file path

Posted on 2008-06-13
5
Medium Priority
?
174 Views
Last Modified: 2010-04-11
I need help experts.
I have created a website that has a function to upload files to the certain path and all the files that are uploading through the site are not secured and anyone, if they just type in the path of the file, can have access to it.  How do I prevent this and add more security to it?
I am using ASP classic and MS SQL server 2003.
Thank you.
0
Comment
Question by:erin027
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 17

Expert Comment

by:CSecurity
ID: 21789824
You need to manage files using ASP, link to your files using ASP. Then put your files in somewhere which is not accessible from outside and using direct HTTP access. Then you can security checks, cookie checks, session checks etc. in ASP to prevent unwanted downloads.
You can do that like this:
Response.ClearHeaders();
Response.ClearContent();

Response.ContentType = "application/anytype"
Response.AddHeader("Content-Disposition", "attachment; filename="YourFileNameHere.extension")

Then with Response.Write write binary output of file you are trying to let user download.
0
 
LVL 17

Expert Comment

by:CSecurity
ID: 21789826
0
 
LVL 17

Accepted Solution

by:
CSecurity earned 2000 total points
ID: 21789832
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question