01-12-2005, 01:38 AM
My site is on a Windows 2000 Server and does not support .htaccess. Right now I have each page having its own little code at the top password protecting it. My problem is that if someone has a direct link to the images or the PDF documents, they can just download them. Is there a way for me to password protect the directory they are in using asp? I have a whole system setup for multiple members area and a login manager. I am using an access database that is located outside of the web, so it cannot be accessed through the web. I'd love to be able to integrate that with the password protected directories. Any ideas? Thanks.
01-12-2005, 04:01 AM
If you can't password protect the folder directly you might consider this idea to make the actual locations of your content less able to be detected:
Serving Dynamic Images from Static Web Pages - 5/24/2000
Note the Response.Redirect to the filename as the last line of code in /scripts/ShowPictureOfTheDay.asp. Whatever image you need to dynamically display (be it a banner ad, a "Picture of the Day," or a random image), you will always want a Response.Redirect at the end pointing to the image to display.
And in the static page:
01-12-2005, 04:16 AM
This is how you password protect your web directory in IIS.
Go to Default Web Site property dialog box, Directory Security tab, click [Edit] button for the Anonymous access section, then uncheck the Anonymous access checkbox and check Basic authentication and/or Integrated Windows authentication. See the help section for more details of the options.