how to protect mdb

D

Danny

Hello

how can you protect the .mdb that an asp page modifies?
This must be open to all for modifications right?
But how can it be hidden so people can't just download it if they guess the
path?

Thanks
 
S

Steven Burn

Simple..... stick it outside of the website root.

For example, if your setup is along the lines of;

\htdocs\your_website
\logs
\private

Place the MDB file inside the Private folder. This is out of reach of
internet users, and is still accessible to your applications.

When placing the file outside of the root, you will need to modifiy the path
to something along the lines of;

TheDB = "..\..\Private\TheDB.mdb"

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!
 
E

Evertjan.

Curt_C [MVP] wrote on 01 jun 2004 in
microsoft.public.inetserver.asp.general:
simply move it outside the WWW path
Click to expand...

Or make an unguessable directory structure

/dsklfi958340/958kndlzzzz/my.mdb

[and prohibit directory browsing]
 
S

Steven Burn

Nah, even thats viewable (can't remember their names off hand but, there's a
few programs that allow one to connect directly to a website, and
view/download the file's and folders inside the root).

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!


Evertjan. said:
Curt_C [MVP] wrote on 01 jun 2004 in
microsoft.public.inetserver.asp.general:
simply move it outside the WWW path
Click to expand...

Or make an unguessable directory structure

/dsklfi958340/958kndlzzzz/my.mdb

[and prohibit directory browsing]
Click to expand...
 
E

Egbert Nierop \(MVP for IIS\)

Steven Burn said:
Nah, even thats viewable (can't remember their names off hand but, there's a
few programs that allow one to connect directly to a website, and
view/download the file's and folders inside the root).
Click to expand...

Nope,

You mean directory browsing or webdav. Webdav is not so easy by default. You
must enforce non-anonymous access for webdav to be possible.
 
D

Danny

Thanks everybody
i checked and I do not have access to anything other than web folder. I
checked with the ftp program and I cannot go back one directory. I guess I
should talk to web hosting company on that site?

Thanks
 
S

Steven Burn

EEK!..... they've not even given a private folder?.... (no offence but, I'd
be having serious talks with them <g>)

--

Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!
 
A

Aaron [SQL Server MVP]

A "private" folder is still only as secure as the file system and/or the FTP
credentials.

IMHO, Access is the wrong tool if a primary objective is security.
 
D

Danny

Thanks again.
I just found out they keep everything in the root of the website.
I am using asp to access this database.
Is there anything I can do? or is making the path very obscure good enough?

thanks again
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

A website that I couldn't make a screenshot of it nor save any page from. 1
How to use PDF-lib and how to center each line of texts on the page? 1
Downloading a mdb file. 5
Password protect a link 5
How to go about building a crud app when you are a noob 1
Password protect .jpg or .pdf 2
How to start 0
Compile or Protect ASP Code? 6

Members online

No members online now.
Total: 34 (members: 1, guests: 33)
Robots: 482

Forum statistics

Threads
473,769
Messages
2,569,581
Members
45,056
Latest member
GlycogenSupporthealth

Latest Threads

Top