• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file? This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.
0
VENUS1121
Asked:
VENUS1121
  • 2
  • 2
1 Solution
 
Saqib KhanSenior DeveloperCommented:
I dont see a reason why not, this is the whole reason ASP.NET introduced the BIN folder idea, so we dont have to register DLL's. its secured dont worry.
0
 
VENUS1121Author Commented:
I'm not worried about the dll itself, just the corresponding ini file that needs to reside in the bin directory also.  Do you feel the ini is secured from exploitation even though this anonymous account has access to it?  Thanks
0
 
Saqib KhanSenior DeveloperCommented:
Bin directory is not visible to anonymous account.

A Better practice is to replace ini file with the web.config. is it possible for you to put the ini settings within web.config file and then simply access the KEYS within web.config  file.?
0
 
VENUS1121Author Commented:
I'm not sure, is it common practice to take ini files and place within the web.config?  Would you have an example of how to do it?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now