How to restrict folder access in asp.net

by

For the future generation the answer which works for me is to use hidden segments.

If you want to secure e.g. Uploads folder go to your root Web.config and add into <system.webServer> following element:

<security>
  <requestFiltering>
    <hiddenSegments>
      <add segment="Uploads"/>
    </hiddenSegments>
  </requestFiltering>
</security>

This will prevent all users from direct access to Uploads folder and its content.

More Related Contents:

  1. Can some hacker steal a web browser cookie from a user and login with that name on a web site?
  2. What are all the user accounts for IIS/ASP.NET and how do they differ?
  3. What is the App_Data folder used for in Visual Studio?
  4. How serious is this new ASP.NET security vulnerability and how can I workaround it?
  5. X-Frame-Options Allow-From multiple domains
  6. Asp.net Identity password hashing
  7. Session Fixation in ASP.NET
  8. Redirect to a page with endResponse to true VS CompleteRequest and security thread
  9. How to Customize ASP.NET Web API AuthorizeAttribute for Unusual Requirements
  10. Cannot use a leading ../ to exit above the top directory
  11. How to limit page access only to localhost?
  12. Form Authentication – Cookie replay attack – protection
  13. Is there a way to keep a page from rendering once a person has logged out but hit the “back” button?
  14. Why do ASP.NET JSON web services return the result in ‘d’?
  15. Web authentication state – Session vs Cookie?
  16. aspx.cs need explain to me [closed]
  17. Where does Console.WriteLine go in ASP.NET?
  18. Getting RAW Soap Data from a Web Reference Client running in ASP.net
  19. Reading web.config from JavaScript
  20. How to allow download of .json file with ASP.NET
  21. asp.net cookies, authentication and session timeouts
  22. asp.net mvc Adding to the AUTHORIZE attribute
  23. how to set a default ‘enter’ on a certain button
  25. How to implement reCaptcha V3 in ASP.NET
  26. How to decide which is right, WebForms or MVC when doing ASP.NET
  27. From where CultureInfo.CurrentCulture reads culture
  28. Does any change in any file inside bin folder cause application recycle in ASP.NET web application?
  29. Editing resource files without recompiling ASP.NET application
  30. Decompile Precompiled Source Code ASP.NET

Leave a Comment