Dear Dudes, How can I prevent HTTP access to my .MDB files?

  • Thread starter Thread starter Babbling Brooke
  • Start date Start date
B

Babbling Brooke

Dear Dudes,

I have a hosted ASP.NET website, and I want to prevent HTTP access to my
..MDB database file. The following is in my web.config at root of website:
.. . .
<httpHandlers>
<add verb="*" path="*.mdb" type="System.Web.HttpForbidden­Handler"/>
</httpHandlers>
.. . .
However, this had no effect. If I type http://www.mywebsite.com/db/mydb.mdb
in Internet Explorer, I get the dialog allowing me to open or save the file.

Any futher suggestions?
 
It has no effect because database files are not processed by the
aspnet_isapi filter. Two ways you can do this, configure the virtual root
to send the MDB files through the aspnet_isapi.dll filter, or move the file
out of the virtual root. The later is preferable.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

verbs for custom http handler work only on dev machine? 3
Cannot load my custom HttpHandler 5
ReportViewer - ReportViewerWebControl.axd - query string problem withName URL Parameter 0
What is the assembly name to use for new ASHX files 6
HTTP Handler not executed 2
Blocking files via. web.config 2
How to control vritual directory not requests dlls on top directory? thanks 2
How prevent users from dl my mdb 1

Back
Top