473,396 Members | 1,725 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > prevent users from accessing files

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Prevent users from accessing files

Hi All

We have an ASP application which links to various word and excel documents
stored in a folder called attachments.

The documents are extermely confidential in nature and we would like
restrict the access to them through the application only.

How can we prevent users from guessing the name of the document and reach it
by tying http://myserver/attachments/thisdocument.doc

Thanks in advance for your help.
Jul 22 '05 #1
4 1570
Stick them outside of the web root or password protect the folder......(the former is the best choice IMHO)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"JP SIngh" <no**@none.com> wrote in message news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi All

We have an ASP application which links to various word and excel documents
stored in a folder called attachments.

The documents are extermely confidential in nature and we would like
restrict the access to them through the application only.

How can we prevent users from guessing the name of the document and reach it
by tying http://myserver/attachments/thisdocument.doc

Thanks in advance for your help.



Jul 22 '05 #2
But I still need to display the hyperlinks to the files when displaying
relevant records.

Essentially I only want them to me able to view the hyperlink from the page
but not outside it.
"Steven Burn" <so*******@in-time.invalid> wrote in message
news:uh**************@TK2MSFTNGP09.phx.gbl...
Stick them outside of the web root or password protect the folder......(the
former is the best choice IMHO)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"JP SIngh" <no**@none.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi All

We have an ASP application which links to various word and excel documents
stored in a folder called attachments.

The documents are extermely confidential in nature and we would like
restrict the access to them through the application only.

How can we prevent users from guessing the name of the document and reach it by tying http://myserver/attachments/thisdocument.doc

Thanks in advance for your help.

Jul 22 '05 #3
http://www.aspfaq.com/show.asp?id=2276. this is for images but the same
approach should work for any file.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"JP SIngh" <no**@none.com> wrote in message
news:%2****************@TK2MSFTNGP14.phx.gbl...
But I still need to display the hyperlinks to the files when displaying
relevant records.

Essentially I only want them to me able to view the hyperlink from the page but not outside it.
"Steven Burn" <so*******@in-time.invalid> wrote in message
news:uh**************@TK2MSFTNGP09.phx.gbl...
Stick them outside of the web root or password protect the folder......(the former is the best choice IMHO)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"JP SIngh" <no**@none.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi All

We have an ASP application which links to various word and excel documents stored in a folder called attachments.

The documents are extermely confidential in nature and we would like
restrict the access to them through the application only.

How can we prevent users from guessing the name of the document and
reach it
by tying http://myserver/attachments/thisdocument.doc

Thanks in advance for your help.


Jul 22 '05 #4
you use ADO to stream the files once a user is logged in.. that way the real
location is unkown to the users

search www.aspin.com for more info on streaming files

applications like www.ASPProtect.com can also do it for you

"Mark Schupp" <no****@nospam.com> wrote in message
news:e3**************@TK2MSFTNGP15.phx.gbl...
http://www.aspfaq.com/show.asp?id=2276. this is for images but the same
approach should work for any file.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"JP SIngh" <no**@none.com> wrote in message
news:%2****************@TK2MSFTNGP14.phx.gbl...
But I still need to display the hyperlinks to the files when displaying
relevant records.

Essentially I only want them to me able to view the hyperlink from the

page
but not outside it.
"Steven Burn" <so*******@in-time.invalid> wrote in message
news:uh**************@TK2MSFTNGP09.phx.gbl...
Stick them outside of the web root or password protect the

folder......(the
former is the best choice IMHO)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

"JP SIngh" <no**@none.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
> Hi All
>
> We have an ASP application which links to various word and excel documents > stored in a folder called attachments.
>
> The documents are extermely confidential in nature and we would like
> restrict the access to them through the application only.
>
> How can we prevent users from guessing the name of the document and

reach
it
> by tying http://myserver/attachments/thisdocument.doc
>
> Thanks in advance for your help.
>
>



Jul 22 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
Prevent Premature clicking on a submit button while page is refreshed
by: anonieko | last post by:
Scenario: You have a page that is TOO slow to refresh. But it allows partial flushing of html contents. I.e. Submit button already appears but you don't want your users to click on it prematurely...
Javascript
7
Prevent Access DB from being opened twice
by: Douglas | last post by:
I have a frontend and backend database , program.mde and data.mdb on a client PC. How do i prevent them launching the program.mde more than once on a single PC? Somtimes they minizmise the program...
Microsoft Access / VBA
8
How to Prevent Table Updates in a Form
by: Smartin | last post by:
I have a form in Access97 which facilitates a query against a production Access database. Users will enter some search terms and see a datasheet view of the results in a subform. The prod table is...
Microsoft Access / VBA
0
global component to manage current users
by: wh | last post by:
The application that I'm about to start working on requires maintaining a list of users currently accessing an asp.net application running on IIS5.0. I essentially need to monitor which xml files...
ASP.NET
2
Prevent two users from accessing the same file at the same time
by: Shawn | last post by:
Well, the subject sais it all. What is the best approach to prevent this from happening? Thanks, Shawn
ASP.NET
1
Way to prevent file being deleted, only way to delete is uninstall
by: crka.crka | last post by:
Does anyone know a way to prevent a file being deleted so the only way to delete is via unistallation? Help would be very much appreciated.
C# / C Sharp
3
re Prevent loading of php pages
by: Phil | last post by:
Jerry posed some good ideas, a while back, on website a security issue that comes up often. Gary Jones was asking how to keep users from directly accessing php pages, out of sequence. Jerry...
PHP
4
Prevent user from accessing any page directly without Login ?
by: Luqman | last post by:
How can I Prevent user from accessing any page directly without Login ? User should not be able to by pass the Login screen by typing the Url of any page directly. I am using ASP.Net 2.0 with...
ASP.NET
3
Prevent Paste
by: GarryJones | last post by:
I found this handy little script on the net that means the user can only press backspace or numbers in form input. <script type="text/javascript"> function numbersonly(e){ var...
Javascript
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!