How to restrict folder access in asp.net
3641 ワード
How to restrict folder access in asp.net
回答1(ユーザー権限を考慮しない質問)
For the future generation the answer which works for me is to use hidden segments.
If you want to secure e.g. Uploads folder go to your root Web.config and add into
following element:
segment="Uploads"/>
This will prevent all users from direct access to Uploads folder and its content.
Very usefull, this works perfect if your site don't has roles or authentication
回答2
You can do like @klausbyskov mentions, to add
's to the root web.config, like: path="Admin"> roles="Administrator"/> users="*"/>
or you can add a web.config to the folder where you want to allow/deny access with the following content: xml version="1.0"?> roles="Administrator"/> users="*" />
Of course replace the
and
with you own rules
回答3
You should add a web.config file to said folder and put an
tag in the file, as described here.
segment="Uploads"/>
path="Admin"> roles="Administrator"/> users="*"/>
xml version="1.0"?> roles="Administrator"/> users="*" />