Reputation: 1575
ASP.NET Protect files inside folder
I have a shared hosting account in which I upload my ASP.NET application. I let the user upload .doc files inside a folder, the problem is I only want logged users to be able to download those files, so I wrote a dispatcher, you give it the id and it reads the file and writes it to the browser, hiding the file location, nevertheless I want to protect the directory where all the files are, so you can only download files using the dispatcher, I tried marking it as a password protected directory, but now ASP.NET can't get access either.
Upvotes: 0
Views: 917
Answers (2)
Reputation: 2344
The ideal solution would be to move the folder outside of the site root but I guess as you are using shared hosting this may not be possible.
One other solution would be to move docs to the App_Data folder which is protected by .NET (see here What is the App_Data folder used for in Visual Studio?)
Upvotes: 1
Reputation: 46415
You need to restrict the NTFS permissions on that folder to only allow the user your applicaiton is running as. This might be difficult in a shared host environment...
Upvotes: 2
Related Questions
- How to Prevent direct access to files and folders in asp.net?
- How to restrict folder access in asp.net
- How to prevent access to a folder in ASP.NET
- How to protect direct file access
- Protecting directory in asp.net is not working
- How do I protect a directory in asp.net MVC?
- Securing a folder in ASP.NET web directory
- How do you lock down & secure files stored on server in ASP.NET?
- protecting files with asp.net (mvc)