By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,885 Members | 1,072 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,885 IT Pros & Developers. It's quick & easy.

static files and asp

P: n/a
I have a site that will be displaying static files to clients. Each client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder has a
folder for static files in it. How much more secure would it be if I moved
it out of the wwwroot and used a virtual directory?

Thanks
Mike
Jul 22 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
I guess I should have said these files are being accessed through fso, and I
will need the ability in asp to upload and create folders. That's all fine I
just wonder about what is the safest. Clients can't know who our other
clients are.

Mike

"Mike D" wrote:
I have a site that will be displaying static files to clients. Each client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder has a
folder for static files in it. How much more secure would it be if I moved
it out of the wwwroot and used a virtual directory?

Thanks
Mike

Jul 22 '05 #2

P: n/a
storing them outside the path but then adding a VD pretty much negates any
security gain. I mean if you already have the NTFS permissions set properly
and the site configured its the same, as far as what it would take to get to
the file, whether its a direct sub folder or one outside the www path

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Mike D" <Mi***@discussions.microsoft.com> wrote in message
news:22**********************************@microsof t.com...
I guess I should have said these files are being accessed through fso, and
I
will need the ability in asp to upload and create folders. That's all
fine I
just wonder about what is the safest. Clients can't know who our other
clients are.

Mike

"Mike D" wrote:
I have a site that will be displaying static files to clients. Each
client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder
has a
folder for static files in it. How much more secure would it be if I
moved
it out of the wwwroot and used a virtual directory?

Thanks
Mike

Jul 22 '05 #3

P: n/a
Asked a similar Q in the IIS NG........ see if the reply I got helps you

http://surl.co.uk/?1234

Original URL:
http://groups-beta.google.com/group/...fc48f8a1a82297

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"Mike D" <Mi***@discussions.microsoft.com> wrote in message news:22**********************************@microsof t.com...
I guess I should have said these files are being accessed through fso, and I
will need the ability in asp to upload and create folders. That's all fine I
just wonder about what is the safest. Clients can't know who our other
clients are.

Mike

"Mike D" wrote:
I have a site that will be displaying static files to clients. Each client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder has a
folder for static files in it. How much more secure would it be if I moved
it out of the wwwroot and used a virtual directory?

Thanks
Mike


Jul 22 '05 #4

P: n/a
On Thu, 3 Mar 2005 13:37:01 -0800, Mike D
<Mi***@discussions.microsoft.com> wrote:
I guess I should have said these files are being accessed through fso, and I
will need the ability in asp to upload and create folders. That's all fine I
just wonder about what is the safest. Clients can't know who our other
clients are.

Mike

"Mike D" wrote:
I have a site that will be displaying static files to clients. Each client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder has a
folder for static files in it. How much more secure would it be if I moved
it out of the wwwroot and used a virtual directory?


Probably not much. You couldn't access them directly by URL, but
you'd still need the permissions and those arewhat really protect
them. Authenticate users and only allow authenticated access and
you're pretty safe. Until someone guesses the account/password. Or
changes companies and takes the info with them. :)

Jeff
Jul 22 '05 #5

P: n/a
Thanks all for your replies. I guess I am not as far off track as I had
thought. When you put data out there and it's your a@@ if it is compromised
you try and think of everything.

Mike

"Steven Burn" wrote:
Asked a similar Q in the IIS NG........ see if the reply I got helps you

http://surl.co.uk/?1234

Original URL:
http://groups-beta.google.com/group/...fc48f8a1a82297

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"Mike D" <Mi***@discussions.microsoft.com> wrote in message news:22**********************************@microsof t.com...
I guess I should have said these files are being accessed through fso, and I
will need the ability in asp to upload and create folders. That's all fine I
just wonder about what is the safest. Clients can't know who our other
clients are.

Mike

"Mike D" wrote:
I have a site that will be displaying static files to clients. Each client
will have their owb directory locked down through NTFS permissions.
Currently I have a Client folder in the wwwroot then that client folder has a
folder for static files in it. How much more secure would it be if I moved
it out of the wwwroot and used a virtual directory?

Thanks
Mike


Jul 22 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.