ASP.NET and ACCESS
I'm writing a website using ASP.NET and the website uses an access database file. This database file contains password information, and i just found out that if someone found out the name of the access file, they can directly download it by simply entering it in the url.
and IE will automatically download the file. How do I prevent that from happening?
Well the easiest way for you to do it without having access to the web server is to open your database up in Access and password protect it. So then you have to enter a password to open it up in Access.
So if someone does figure the name of your database, and they do download it, they can't view whats in it.
Also name the database something other than like 'users' or 'database'; go for something difficult for someone to guess.
sitename.database.databasename.mdb :-D no one would guess something like that.
|All times are GMT +1. The time now is 01:46 AM.|
Powered by vBulletin®
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.