app_data folder security...

M

mike

when website publish on web server the files of app_data such as database
file *.mdf

is it safe? is it common
 
J

Juan T. Llibre

Yes, it is safe. Thay cannot be directly requested from the web.

Any *.mdf files placed in the App_Data directory are covered by:

<add path="*.mdf" verb="*" type="System.Web.HttpForbiddenHandler" validate="true" />

That's included in your base web.config
in the CONFIG subdirectory of the .Net Framework 2.0.

See the web.config.comments file in that directory
for a complete list of protected files.



Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
======================================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

APP_Data and sql server 3
app_data folder question! 2
App_data folder question? 2
Exclude App_Data from SourceSafe 2
MDF file vs. Local Sql Server...what's the connection? 12
Need a very small (one table) database!!! 5
App_Data files 1
SQL Database Has Overstayed its Welcome 5

Top