Stefan v.d Laarschot
Reputation: 129
How do you protect a page using a web.config file?
Heey Stackoverflowers
My question is: how do I protect a Page using web.config or Global.asax?
Example:
Direct url www.Yoururlhere.com/Account/Edit.aspx is currently accesible from url bar, but that is not what I want. I have a login page already with database etc working, only it's missing the protection to remove direct access or by Login.
Can you help me? My second web.config for Folder Account is as following:
<?xml version="1.0"?>
<configuration>
<system.web>
<location path="Edit.aspx"/>
</system.web>
<system.web>
<authorization>
<allow users="*"/>
<deny users="?" />
</authorization>
</system.web>
</configuration>
Upvotes: 3
Views: 2103
Answers (1)
Muhammad Akhtar
Reputation: 52241
You are writing in the wrong way. It should be like...
<configuration>
<location path="Account/Edit.aspx">
<system.web>
<authorization>
<allow users="*"/>
<deny users="?" />
</authorization>
</system.web>
</location>
</configuration>
Upvotes: 7
Related Questions
- Securing web.config settings
- How to deny access to a file with ASP.NET web config but not just locally?
- asp.net web config security
- How to solidly protect web.config
- Deny access to a webpage using web.config
- Web Protect ASP.NET Website
- Password-protect folder with web.config
- Protect Sub Folder using Web.config file?
- Specific page security on web.config
- making web.config password protected and use it in application