Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP General > how to protect mdb

Reply
Thread Tools

how to protect mdb

 
 
Danny
Guest
Posts: n/a
 
      06-01-2004
Hello

how can you protect the .mdb that an asp page modifies?
This must be open to all for modifications right?
But how can it be hidden so people can't just download it if they guess the
path?

Thanks


 
Reply With Quote
 
 
 
 
Steven Burn
Guest
Posts: n/a
 
      06-01-2004
Simple..... stick it outside of the website root.

For example, if your setup is along the lines of;

\htdocs\your_website
\logs
\private

Place the MDB file inside the Private folder. This is out of reach of
internet users, and is still accessible to your applications.

When placing the file outside of the root, you will need to modifiy the path
to something along the lines of;

TheDB = "..\..\Private\TheDB.mdb"

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"Danny" <(E-Mail Removed)> wrote in message
news:1z1vc.13034$(E-Mail Removed) et...
> Hello
>
> how can you protect the .mdb that an asp page modifies?
> This must be open to all for modifications right?
> But how can it be hidden so people can't just download it if they guess

the
> path?
>
> Thanks
>
>



 
Reply With Quote
 
 
 
 
Aaron [SQL Server MVP]
Guest
Posts: n/a
 
      06-01-2004
http://www.aspfaq.com/2454

--
http://www.aspfaq.com/
(Reverse address to reply.)




"Danny" <(E-Mail Removed)> wrote in message
news:1z1vc.13034$(E-Mail Removed) et...
> Hello
>
> how can you protect the .mdb that an asp page modifies?
> This must be open to all for modifications right?
> But how can it be hidden so people can't just download it if they guess

the
> path?
>
> Thanks
>
>



 
Reply With Quote
 
Evertjan.
Guest
Posts: n/a
 
      06-01-2004
Curt_C [MVP] wrote on 01 jun 2004 in
microsoft.public.inetserver.asp.general:

> simply move it outside the WWW path


Or make an unguessable directory structure

/dsklfi958340/958kndlzzzz/my.mdb

[and prohibit directory browsing]

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
 
Reply With Quote
 
Steven Burn
Guest
Posts: n/a
 
      06-01-2004
Nah, even thats viewable (can't remember their names off hand but, there's a
few programs that allow one to connect directly to a website, and
view/download the file's and folders inside the root).

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"Evertjan." <(E-Mail Removed)> wrote in message
news:Xns94FBB7602933Eeejj99@194.109.133.29...
> Curt_C [MVP] wrote on 01 jun 2004 in
> microsoft.public.inetserver.asp.general:
>
> > simply move it outside the WWW path

>
> Or make an unguessable directory structure
>
> /dsklfi958340/958kndlzzzz/my.mdb
>
> [and prohibit directory browsing]
>
> --
> Evertjan.
> The Netherlands.
> (Please change the x'es to dots in my emailaddress)



 
Reply With Quote
 
Egbert Nierop \(MVP for IIS\)
Guest
Posts: n/a
 
      06-01-2004
"Steven Burn" <(E-Mail Removed)> wrote in message
news:O2PFfK$(E-Mail Removed)...
> Nah, even thats viewable (can't remember their names off hand but, there's

a
> few programs that allow one to connect directly to a website, and
> view/download the file's and folders inside the root).


Nope,

You mean directory browsing or webdav. Webdav is not so easy by default. You
must enforce non-anonymous access for webdav to be possible.

> --
>
> Regards
>
> Steven Burn
> Ur I.T. Mate Group
> www.it-mate.co.uk
>


 
Reply With Quote
 
Steven Burn
Guest
Posts: n/a
 
      06-01-2004
Not quite no.....

The following isn't the program I was referring to but, it's along the same
lines.

http://www.brothersoft.com/Internet_...ere_18303.html

I'll see if I can find the freeware one again........

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"Egbert Nierop (MVP for IIS)" <(E-Mail Removed)> wrote in
message news:OpU5UU$(E-Mail Removed)...
> "Steven Burn" <(E-Mail Removed)> wrote in message
> news:O2PFfK$(E-Mail Removed)...
> > Nah, even thats viewable (can't remember their names off hand but,

there's
> a
> > few programs that allow one to connect directly to a website, and
> > view/download the file's and folders inside the root).

>
> Nope,
>
> You mean directory browsing or webdav. Webdav is not so easy by default.

You
> must enforce non-anonymous access for webdav to be possible.
>
> > --
> >
> > Regards
> >
> > Steven Burn
> > Ur I.T. Mate Group
> > www.it-mate.co.uk
> >

>



 
Reply With Quote
 
Danny
Guest
Posts: n/a
 
      06-01-2004
Thanks everybody
i checked and I do not have access to anything other than web folder. I
checked with the ftp program and I cannot go back one directory. I guess I
should talk to web hosting company on that site?

Thanks

"Danny" <(E-Mail Removed)> wrote in message
news:1z1vc.13034$(E-Mail Removed) et...
> Hello
>
> how can you protect the .mdb that an asp page modifies?
> This must be open to all for modifications right?
> But how can it be hidden so people can't just download it if they guess

the
> path?
>
> Thanks
>
>



 
Reply With Quote
 
Steven Burn
Guest
Posts: n/a
 
      06-01-2004
EEK!..... they've not even given a private folder?.... (no offence but, I'd
be having serious talks with them <g>)

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


"Danny" <(E-Mail Removed)> wrote in message
news:T94vc.14532$(E-Mail Removed) et...
> Thanks everybody
> i checked and I do not have access to anything other than web folder. I
> checked with the ftp program and I cannot go back one directory. I guess

I
> should talk to web hosting company on that site?
>
> Thanks
>
> "Danny" <(E-Mail Removed)> wrote in message
> news:1z1vc.13034$(E-Mail Removed) et...
> > Hello
> >
> > how can you protect the .mdb that an asp page modifies?
> > This must be open to all for modifications right?
> > But how can it be hidden so people can't just download it if they guess

> the
> > path?
> >
> > Thanks
> >
> >

>
>



 
Reply With Quote
 
Aaron [SQL Server MVP]
Guest
Posts: n/a
 
      06-01-2004
A "private" folder is still only as secure as the file system and/or the FTP
credentials.

IMHO, Access is the wrong tool if a primary objective is security.

--
http://www.aspfaq.com/
(Reverse address to reply.)




"Steven Burn" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> EEK!..... they've not even given a private folder?.... (no offence but,

I'd
> be having serious talks with them <g>)



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
MDB to MDB Event Notification John Schult Java 0 05-04-2005 01:26 AM
Faster access to MDB? MS Access MDB and ASP =?Utf-8?B?UGhpbA==?= ASP .Net 8 01-27-2005 07:08 PM
Needed Visual Basic 6 Data.mdb's for course? J Microsoft Certification 2 10-23-2003 08:07 PM
win32 adodb/mdb; con.execute returns undef and not recordset. Vikas Yadav Perl 0 09-09-2003 09:10 AM



Advertisments