Securing a folder from public access

[Ian B]

This is a basic question for anyone who knows what they're doing with
web server admin so hopefully someone will be able to assist me
here!...

I have a www based asp.net application which allows users to upload
images (screen captures for fault reporting). These files get saved
in the folder www.<domain>.co.uk/uploadedfiles/<filename>.

I want to prevent public users from being able to see these uploaded
files but I want to provide an aspx page where authorised users
(support personnel) can log in to view them so asp.net must be able to
see these files.

Directory browsing is disabled so that makes it difficult for users to
know the file names but it does not prevent determined users from
getting at the files.

How can I set up the security for this folder so that asp.net can see
the files (to show them in a web form to authorised users) but public
users cannot see them by simply typing the URL?

I have tried (on a local development server) disabling anonymous
access to the folder but all that does is give me a login dialog box
to see the image. I want it to be seamless: no dialog box! Plus I am
concerned that the login credentials might be passed in clear text.
Also, I'm not sure if that would work on the live server anyway.

Note: The site is hosted on a shared server - I do not have control
over the server so I cannot do much testing to find the answer but the
hosting company is very good so, if someone can provide the answer,
I'm sure they'll set it up for me!

Thanks

Ian

 

[Cowboy \(Gregory A. Beamer\)]

You have complete control of your server and can decide what context each
request runs under. As you are going to authenticate support personnel, you
can then take control of the threads their sessions are running under and
temporarily run them under an account that has access to the images. You
cannot allow IUSR/ASP.NET access without the potentially having a hacker
search for the files.

If support personnel are in the domain, you can also create a logon page
that uses Windows Authentication and set up a Support Group that has rights
to the image folder(s). This is an even easier method than hijacking the
thread when support personnel are logged in (as they will control the thread
essentially), but may also require some help from the networking people (if
that is you, no problem).

Another option is dropping the files into a persistant storage mechanism,
like SQL Server and programatically handling the display. This is a rather
heavy solution for your scenario.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

**********************************************************************
Think Outside the Box!
**********************************************************************

 

[Ian B]

Thanks for the response, Gregory.

Unfortunately, I do not have complete control over the server! The
website is hosted on a public, shared server by a separate company.
They are pretty good at helping out with my requests but wouldn't
really go any further than fairly basic configuration changes. At
some stage in the future we may rent a dedicated server or even host
the site ourselves but, in the meantime, your first and second
suggestions aren't feasible.

Your third suggestion may be the way to go for now. We already have a
SQL server database and we also have a support area, secured with
forms authentication over SSL. Another option (for now) is that I
could simply disable anonymous access to the folder and have the
support personnel use an FTP client to download the files - the
product that the site supports is still new with a small user-base and
therefore I don't expect to get too many files uploaded at this time
so this would work for the time being.

If you or anyone else has any comments or ideas then I'd be grateful.

Thanks again
Ian