Reputation: 5866
How to make a folder and its content inaccessible via HTTP
I have a folder called "Template" in my project and want to make it inaccessible via HTTP. I added a web.config file. It makes the folder inaccessible but users can access any content in the folder.
They cannot access "Template" folder, but they can access "Template\index.html"
here is my web.config.
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<deny users="*"/>
</authorization>
</system.web>
</configuration>
how can I make the contents inaccessible?
Upvotes: 1
Views: 899
Answers (1)
Reputation: 748
This can be achieved by IIS Request filters. The same way the bin content is inaccessible for browsing.
Under the system.webserver section add the following. There I have enabled directory browsing just to check that even though the directory browsing is enabled users can't browse files in "Template" folder.
Set <directoryBrowse enabled="false" /> if directory browsing is not required.
<?xml version="1.0"?>
<configuration>
<system.webServer>
<directoryBrowse enabled="true" />
<security>
<requestFiltering>
<hiddenSegments>
<add segment="Template" />
</hiddenSegments>
</requestFiltering>
</security>
</system.webserver>
</configuration>
For more information refer this post.
Upvotes: 2
Related Questions
- how to deny user to access sub folders and file?
- Restrict access to file/folder in web.config
- How to Deny Access to specific folder in ASP.Net MVC 5
- How to restrict folder access in asp.net
- How to prevent access to a folder in ASP.NET
- What is the easiest way to completely prevent the http access to a subdirectory of the application?
- Deny users to access a folder
- Block visitors access to specific folder in asp.net
- Protect Sub Folder using Web.config file?
- Deny access to a folder in ASP.NET