Solved

Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.

Posted on 2009-04-01
4
251 Views
Last Modified: 2012-05-06
Should I allow an ISAPI-based url rewriter dll and ini file to be place within the application root's \bin file?  This is an ASP.net site (framework v2.0) using IIs v6 on windows 2003.
0
Comment
Question by:VENUS1121
  • 2
  • 2
4 Comments
 
LVL 23

Expert Comment

by:Saqib Khan
ID: 24043011
I dont see a reason why not, this is the whole reason ASP.NET introduced the BIN folder idea, so we dont have to register DLL's. its secured dont worry.
0
 

Author Comment

by:VENUS1121
ID: 24044919
I'm not worried about the dll itself, just the corresponding ini file that needs to reside in the bin directory also.  Do you feel the ini is secured from exploitation even though this anonymous account has access to it?  Thanks
0
 
LVL 23

Accepted Solution

by:
Saqib Khan earned 500 total points
ID: 24046223
Bin directory is not visible to anonymous account.

A Better practice is to replace ini file with the web.config. is it possible for you to put the ini settings within web.config file and then simply access the KEYS within web.config  file.?
0
 

Author Comment

by:VENUS1121
ID: 24154101
I'm not sure, is it common practice to take ini files and place within the web.config?  Would you have an example of how to do it?
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now