Forums
This topic is locked
Secure Access DB
Posted 16 May 2003 14:22:44
1
has voted
16 May 2003 14:22:44 David Hagelthorn posted:
Need some help...urgently!I have an ASP (VB) site linked to an Access DB. The DB resides in a folder on my site, and when I type in the path to it in the browser I can access and download it to my hard drive. Obviously I don't want users to be able to do this.
My ISP have told me that I need to use Server.MapPath rather than an absolute path to my DB. Where can I put my Db so that no-one can access it? When I FTP, there are 3 folders in my _root: 'htdocs', 'private' and 'logfiles'. Is the 'private' directory a good place, and if so what would the path be?
Thanks for any help....
Replies
Replied 17 May 2003 01:23:06
17 May 2003 01:23:06 Phil Shevlin replied:
I'm not an expert but you need to put in a folder below the site root (probably HTDOCS). Private probably won't allow anonymous access. Can you create a folder alongside Private called datatbase? If so put it there.
However, I think you need to use an absolute path to reach files below the root.
Make a .asp file in the root of your site containing this
<%=(Server.MapPath("\"
)%>
Then browse it to determine the absolute path to your root. It will probably show something like:
d:\html\users\yourdomain\htdocs
This would mean your database directory would be
d:\html\users\yourdomain\database\yourdb.mdb
Edited by - wdglide on 17 May 2003 01:23:23
However, I think you need to use an absolute path to reach files below the root.
Make a .asp file in the root of your site containing this
<%=(Server.MapPath("\"
)%>Then browse it to determine the absolute path to your root. It will probably show something like:
d:\html\users\yourdomain\htdocs
This would mean your database directory would be
d:\html\users\yourdomain\database\yourdb.mdb
Edited by - wdglide on 17 May 2003 01:23:23
Replied 21 May 2003 00:14:12
21 May 2003 00:14:12 David Hagelthorn replied:
thanks a heap...this really helped