Solved

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.

Posted on 2009-04-01
4
248 Views
Last Modified: 2012-05-06
Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.
0
Comment
Question by:VENUS1121
  • 2
  • 2
4 Comments
 
LVL 23

Expert Comment

by:adilkhan
Comment Utility
I dont see a reason why not, this is the whole reason ASP.NET introduced the BIN folder idea, so we dont have to register DLL's. its secured dont worry.
0
 

Author Comment

by:VENUS1121
Comment Utility
I'm not worried about the dll itself, just the corresponding ini file that needs to reside in the bin directory also.  Do you feel the ini is secured from exploitation even though this anonymous account has access to it?  Thanks
0
 
LVL 23

Accepted Solution

by:
adilkhan earned 500 total points
Comment Utility
Bin directory is not visible to anonymous account.

A Better practice is to replace ini file with the web.config. is it possible for you to put the ini settings within web.config file and then simply access the KEYS within web.config  file.?
0
 

Author Comment

by:VENUS1121
Comment Utility
I'm not sure, is it common practice to take ini files and place within the web.config?  Would you have an example of how to do it?
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

New Relic: Our company recently started researching several products to figure out what were the best ways for us to increase our web page speed and to quickly identify performance problems that we may be having. One of the products we evaluated wa…
Lync server 2013 Backup Service Error ID 4049 – After File Share Migration
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now