Saturday, November 26, 2005

Protected Directories in ASP.NET

By default, ASP.NET 2.0 will block access to all URLs that contain directory segments named App_Data, App_Code, App_Browsers, App_WebReferences, App_GlobalResources, and App_LocalResources anywhere in the URL. ASP.NET 1.1 and 2.0 will both also block access to the /Bin directory. This support is conditional on having the aspnet_filter.dll ISAPI filter registered with IIS, which is done by default during ASP.NET installation. By placing your content in these directories, you can prevent HTTP access to it regardless of the file extensions being requested.

Adopted from Are You Protected? Design and Deploy Secure Web Apps with ASP.NET 2.0 and IIS 6.0 by Michael Volodarsky.


At 6:01 PM, Anonymous Fabric Menders said...

Hey Wenfeng Gao,

Your blog "Protected Directories in ASP.NET", leads me to believe you will find my information on our Best Career Wages site to be very beneficial.

Some of the not so common searches that found our extensive wages site included ...

Electrical Installers & Repairers Wages
Electronics Installers & Repairers Wages
Electrical Transportation Equipment Repairers Wages
Electrical Industrial Equipment Repairers Wages
Electrical Powerhouse Equipment Repairers Wages
Electrical Substation Equipment Repairers Wages
Electrical Power-line Repairers Wages
Electronic Motor Vehicle Equipment Repairers Wages.

We have many hundreds of "essential to read" articles on wages and career topics in addition to many other popular subjects in our Average Career Wages site.

Best Wishes


Post a Comment

<< Home