• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 280
  • Last Modified:

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file? This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.
0
VENUS1121
Asked:
VENUS1121
  • 2
  • 2
1 Solution
 
Saqib KhanSenior DeveloperCommented:
I dont see a reason why not, this is the whole reason ASP.NET introduced the BIN folder idea, so we dont have to register DLL's. its secured dont worry.
0
 
VENUS1121Author Commented:
I'm not worried about the dll itself, just the corresponding ini file that needs to reside in the bin directory also.  Do you feel the ini is secured from exploitation even though this anonymous account has access to it?  Thanks
0
 
Saqib KhanSenior DeveloperCommented:
Bin directory is not visible to anonymous account.

A Better practice is to replace ini file with the web.config. is it possible for you to put the ini settings within web.config file and then simply access the KEYS within web.config  file.?
0
 
VENUS1121Author Commented:
I'm not sure, is it common practice to take ini files and place within the web.config?  Would you have an example of how to do it?
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now