Asp.net protect folders Shared or Vps Hosting

I have some doubts how can I protect certain folders on a shared or vps hosting environment. If I want to protect the main site folder and eg the folder where the source code is, can do something like:?

<configuration>
 <location path="subdir1">
 <system.web>
 <authorization>
 <denny users ="*" />
 </authorization>
 </system.web>
 </location>
 </configuration>

Open in new window

<configuration>
 <location path="subdir1">
 <system.web>
 <authorization>
 <denny users ="*" />
 </authorization>
 </system.web>
 </location>
 </configuration>

Open in new window

rflorencioAsked:
Who is Participating?
 
Carl TawnConnect With a Mentor Systems and Integration DeveloperCommented:
Are you trying to deny access to all files in a folder, or to specific types of files in a folder?

If it's the latter, you need a slightly more complex config to filter based on extension. Example:
<location path="some_directory">
    <system.web>
        <httpHandlers>
            <add verb="*" path="*.aspx" type="System.Web.HttpForbiddenHandler" />
        </httpHandlers>
    </system.web>
</location>

Open in new window

Using deny="*" will prevent all access to the directory, whereas the config in the example above will block all .aspx files in the location only.
0
 
Carl TawnSystems and Integration DeveloperCommented:
Are you talking about access through a browser, or access through via the OS?

Web.config is only going to allow you to restrict access via a browser. If people on the VPN have access to the server itself then you are going to need to rely on proper ACL at the OS levels to protect the folders.
0
 
rflorencioAuthor Commented:
I'm talking about access through a browser.
0
 
Carl TawnSystems and Integration DeveloperCommented:
In that case, yes, what you have should do the trick - insomuch as you are denying access to all users to that folder. Apart from the denny / deny typo :)
0
 
rflorencioAuthor Commented:
So in this case the users can see the html pages in browser but does not have access to the . Aspx or other files in protected folders , right?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.