how secure is the gloabl.asa?

It usually depends on how safe your server is...
But other then that, pretty safe.

I persoanlly wouldn't store passwords or anything in it, if that's what you are trying to do.

i was thinking about storing one username and password in it yes. but can the global file get downloaded on a web ripping program? or on older browers if you put the full path to it in the address bar?

This might interest you
http://www.codingforums.com/showthread.php?s=&threadid=21220&highlight=global.asa

I don't think the focus should be on security (don't think there is any additional problem there, compared to using an include with .asp or .php ...extension) but performance and flexability --> changing the username and password would mean that the application is restarted + check out glenngv's link on connection pooling.

the username and password would be a static one never changes well almost never but very rarely.

The global.asa can't be downloaded from the web.
http://24.226.62.28/global.asa - Can't download mine.

But again, it all comes back to the server you use. A crapy server might accually allow you to download it, and in olderversions on IIS you can vew the global.asa code!

thats what i wondered so is it the server or the brower that tell you what u can and cant download?

Blue, server... Deffinatly!

oh right cheers for that.