how to protect mdb

Discussion in 'ASP General' started by Danny, Jun 1, 2004.

  1. Danny

    Danny Guest

    Hello

    how can you protect the .mdb that an asp page modifies?
    This must be open to all for modifications right?
    But how can it be hidden so people can't just download it if they guess the
    path?

    Thanks
     
    Danny, Jun 1, 2004
    #1
    1. Advertising

  2. Danny

    Steven Burn Guest

    Simple..... stick it outside of the website root.

    For example, if your setup is along the lines of;

    \htdocs\your_website
    \logs
    \private

    Place the MDB file inside the Private folder. This is out of reach of
    internet users, and is still accessible to your applications.

    When placing the file outside of the root, you will need to modifiy the path
    to something along the lines of;

    TheDB = "..\..\Private\TheDB.mdb"

    --

    Regards

    Steven Burn
    Ur I.T. Mate Group
    www.it-mate.co.uk

    Keeping it FREE!


    "Danny" <> wrote in message
    news:1z1vc.13034$...
    > Hello
    >
    > how can you protect the .mdb that an asp page modifies?
    > This must be open to all for modifications right?
    > But how can it be hidden so people can't just download it if they guess

    the
    > path?
    >
    > Thanks
    >
    >
     
    Steven Burn, Jun 1, 2004
    #2
    1. Advertising

  3. http://www.aspfaq.com/2454

    --
    http://www.aspfaq.com/
    (Reverse address to reply.)




    "Danny" <> wrote in message
    news:1z1vc.13034$...
    > Hello
    >
    > how can you protect the .mdb that an asp page modifies?
    > This must be open to all for modifications right?
    > But how can it be hidden so people can't just download it if they guess

    the
    > path?
    >
    > Thanks
    >
    >
     
    Aaron [SQL Server MVP], Jun 1, 2004
    #3
  4. Danny

    Evertjan. Guest

    Curt_C [MVP] wrote on 01 jun 2004 in
    microsoft.public.inetserver.asp.general:

    > simply move it outside the WWW path


    Or make an unguessable directory structure

    /dsklfi958340/958kndlzzzz/my.mdb

    [and prohibit directory browsing]

    --
    Evertjan.
    The Netherlands.
    (Please change the x'es to dots in my emailaddress)
     
    Evertjan., Jun 1, 2004
    #4
  5. Danny

    Steven Burn Guest

    Nah, even thats viewable (can't remember their names off hand but, there's a
    few programs that allow one to connect directly to a website, and
    view/download the file's and folders inside the root).

    --

    Regards

    Steven Burn
    Ur I.T. Mate Group
    www.it-mate.co.uk

    Keeping it FREE!


    "Evertjan." <> wrote in message
    news:Xns94FBB7602933Eeejj99@194.109.133.29...
    > Curt_C [MVP] wrote on 01 jun 2004 in
    > microsoft.public.inetserver.asp.general:
    >
    > > simply move it outside the WWW path

    >
    > Or make an unguessable directory structure
    >
    > /dsklfi958340/958kndlzzzz/my.mdb
    >
    > [and prohibit directory browsing]
    >
    > --
    > Evertjan.
    > The Netherlands.
    > (Please change the x'es to dots in my emailaddress)
     
    Steven Burn, Jun 1, 2004
    #5
  6. "Steven Burn" <> wrote in message
    news:O2PFfK$...
    > Nah, even thats viewable (can't remember their names off hand but, there's

    a
    > few programs that allow one to connect directly to a website, and
    > view/download the file's and folders inside the root).


    Nope,

    You mean directory browsing or webdav. Webdav is not so easy by default. You
    must enforce non-anonymous access for webdav to be possible.

    > --
    >
    > Regards
    >
    > Steven Burn
    > Ur I.T. Mate Group
    > www.it-mate.co.uk
    >
     
    Egbert Nierop \(MVP for IIS\), Jun 1, 2004
    #6
  7. Danny

    Steven Burn Guest

    Not quite no.....

    The following isn't the program I was referring to but, it's along the same
    lines.

    http://www.brothersoft.com/Internet_Browsers_Browse_Anywhere_18303.html

    I'll see if I can find the freeware one again........

    --

    Regards

    Steven Burn
    Ur I.T. Mate Group
    www.it-mate.co.uk

    Keeping it FREE!


    "Egbert Nierop (MVP for IIS)" <> wrote in
    message news:OpU5UU$...
    > "Steven Burn" <> wrote in message
    > news:O2PFfK$...
    > > Nah, even thats viewable (can't remember their names off hand but,

    there's
    > a
    > > few programs that allow one to connect directly to a website, and
    > > view/download the file's and folders inside the root).

    >
    > Nope,
    >
    > You mean directory browsing or webdav. Webdav is not so easy by default.

    You
    > must enforce non-anonymous access for webdav to be possible.
    >
    > > --
    > >
    > > Regards
    > >
    > > Steven Burn
    > > Ur I.T. Mate Group
    > > www.it-mate.co.uk
    > >

    >
     
    Steven Burn, Jun 1, 2004
    #7
  8. Danny

    Danny Guest

    Thanks everybody
    i checked and I do not have access to anything other than web folder. I
    checked with the ftp program and I cannot go back one directory. I guess I
    should talk to web hosting company on that site?

    Thanks

    "Danny" <> wrote in message
    news:1z1vc.13034$...
    > Hello
    >
    > how can you protect the .mdb that an asp page modifies?
    > This must be open to all for modifications right?
    > But how can it be hidden so people can't just download it if they guess

    the
    > path?
    >
    > Thanks
    >
    >
     
    Danny, Jun 1, 2004
    #8
  9. Danny

    Steven Burn Guest

    EEK!..... they've not even given a private folder?.... (no offence but, I'd
    be having serious talks with them <g>)

    --

    Regards

    Steven Burn
    Ur I.T. Mate Group
    www.it-mate.co.uk

    Keeping it FREE!


    "Danny" <> wrote in message
    news:T94vc.14532$...
    > Thanks everybody
    > i checked and I do not have access to anything other than web folder. I
    > checked with the ftp program and I cannot go back one directory. I guess

    I
    > should talk to web hosting company on that site?
    >
    > Thanks
    >
    > "Danny" <> wrote in message
    > news:1z1vc.13034$...
    > > Hello
    > >
    > > how can you protect the .mdb that an asp page modifies?
    > > This must be open to all for modifications right?
    > > But how can it be hidden so people can't just download it if they guess

    > the
    > > path?
    > >
    > > Thanks
    > >
    > >

    >
    >
     
    Steven Burn, Jun 1, 2004
    #9
  10. A "private" folder is still only as secure as the file system and/or the FTP
    credentials.

    IMHO, Access is the wrong tool if a primary objective is security.

    --
    http://www.aspfaq.com/
    (Reverse address to reply.)




    "Steven Burn" <> wrote in message
    news:...
    > EEK!..... they've not even given a private folder?.... (no offence but,

    I'd
    > be having serious talks with them <g>)
     
    Aaron [SQL Server MVP], Jun 1, 2004
    #10
  11. Danny

    Danny Guest

    Thanks again.
    I just found out they keep everything in the root of the website.
    I am using asp to access this database.
    Is there anything I can do? or is making the path very obscure good enough?

    thanks again

    "Aaron [SQL Server MVP]" <> wrote in message
    news:u5kl%...
    > A "private" folder is still only as secure as the file system and/or the

    FTP
    > credentials.
    >
    > IMHO, Access is the wrong tool if a primary objective is security.
    >
    > --
    > http://www.aspfaq.com/
    > (Reverse address to reply.)
    >
    >
    >
    >
    > "Steven Burn" <> wrote in message
    > news:...
    > > EEK!..... they've not even given a private folder?.... (no offence but,

    > I'd
    > > be having serious talks with them <g>)

    >
    >
     
    Danny, Jun 1, 2004
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Vikas Yadav
    Replies:
    0
    Views:
    1,142
    Vikas Yadav
    Sep 9, 2003
  2. Dave
    Replies:
    1
    Views:
    547
    Anthony Williams
    Sep 10, 2003
  3. A.M

    Creating an MDB/XLS file

    A.M, Oct 28, 2003, in forum: ASP .Net
    Replies:
    3
    Views:
    4,222
    Chris Becker
    Oct 30, 2003
  4. =?Utf-8?B?UGhpbA==?=

    Faster access to MDB? MS Access MDB and ASP

    =?Utf-8?B?UGhpbA==?=, Jan 26, 2005, in forum: ASP .Net
    Replies:
    8
    Views:
    484
    Kevin Spencer
    Jan 27, 2005
  5. John  Schult

    MDB to MDB Event Notification

    John Schult, May 4, 2005, in forum: Java
    Replies:
    0
    Views:
    486
    John Schult
    May 4, 2005
Loading...

Share This Page