«

"Phillip Windell" <@.> wrote in message
news:...
> I recommend the same as the others, but if you can't do it that way then
you
> could rename the file something obscure and give it an HTM extension (like
> "fh496jfu6.htm"). The browser would (assuming they ever figured the name
> out) always try to render it rather than download it and it would of
course
> fail to display. Your connection string would have to be altered to match
> the name and I don't think it will care what the file extension is,..I
don't
> think it has to be MDB extension to work.
>
> Obviously I don't think that is the best solution, but it might work if
that
> is all you are able to do. I'll admit that I haven't tested it,...it is
> just a brainstorm,...I guess I got bored.

Good solution, But I have to see if the other extension will work or not.
But as you told this is not the best solution, and as other suggested to
move to other folder avove wwwroot so I will go for that, But still will try
to see if the extension change will work or not.

Thanks
Prabhat

Do you have a directory on your site that is set to not allow IIS to read
from it (cgi-bin directories are usually like this)? If so, put the DB in
there. If not, can you create such a directory (or have your ISP create it)?

--
--Mark Schupp


"Prabhat" <> wrote in message
news:...
>
> "Bob Barrows [MVP]" <> wrote in message
> news:...
>
>> If using Anonymous, then the IUSR and IWAM accounts will require modify
>> access to the folder containing the database. otherwise, all users will
>> require that level of permission.
>
> Thanks for that info. My website using Anonymous access so I think I have
> to
> give permissin for both IUSR and IWAM user.
>
> Prabhat
>
>

http://support.cjwsoft.com/code/code...nload+database


"Prabhat" <> wrote in message
news:...
> Hi All,
>
> I have a website setup which has MS-Access DB. The web pages are in ASP
> and uses ADO to connect to DB. The DB is located in the Folder
> "/Database". I have the Connection string setup in the Global.asa file.
>
> As my virtual Directory is "/" and all files and folders including the
> "Database" folder are with in the folder so any one who knows the Database
> folder name and database name can directly download the database from the
> website.
>
> The physical Directory for the virtual directory is: -
>
> d:\mywebsite
> d:\mywebsite\database
> d:\mywebsite\DLLs
> d:\mywebsite\images
> d:\mywebsite\include
> d:\mywebsite\stylesheet
> d:\mywebsite\template
>
> How Can I restrict the database to be access directly from web? Please
> suggest all alternatives that I can opt for.
>
> Thanks
> Prabhat
>
>