Jo Cox
asked on
URL Rewrite
We have a website (IIS) that shows PDF's as part of the interface. In the URL it displays the path and filename to the location of the file. With some ingenuity a web-user could guess other filenames and access files they shouldn't.
I believe there is method that we can use to convert the path/filename part of the URL to a guid so as to obfuscate this info.
I was led to believe that a reverse proxy was the tool for the job. We have setup our sophos firewalls as such but this feature isn't happening.
If anyone could advise it would be much appreciated, my skills in this area are somewhat lacking so any pointers welcome.
Regards
Jo
I believe there is method that we can use to convert the path/filename part of the URL to a guid so as to obfuscate this info.
I was led to believe that a reverse proxy was the tool for the job. We have setup our sophos firewalls as such but this feature isn't happening.
If anyone could advise it would be much appreciated, my skills in this area are somewhat lacking so any pointers welcome.
Regards
Jo
You have to do this server side, note client side.
URL rewriting not the correct approach for more that a few files
URL rewriting not the correct approach for more that a few files
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for help guys. Jo
Encrypt the file names in the links.
Make a simple active page which decrypts that string coming from the URL parameter and then returns the file content.