Need help with denying access to a folder...

Hello,

In my web config I have this:

<location path="forum">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>

And this works fine for a page named like this:

www.mydomain.com/forum/default.aspx

The problem is this, the forum software that I am using is the old asp so
the default page is this:

www.mydomain.com/forum/default.asp

As a result unauthorized people can get into that directory and on to that
page with no problem.

Am I doing something wrong or did I leave something out?

Let me know if I did not explain the problem clearly enough.

Thanks!

--
Only the Best Freeware at http://www.vbmark.com
.

Relevant Pages

  • Re: webpage permissions
    ... database into my first ASP application on IIS6 with SQL 2K back end. ... You are asking about Authorization after you ... IIS and ASP support Authentication through NTFS ACLs. ... if you separate out management tasks into ...
    (microsoft.public.inetserver.iis.security)
  • Blocking Direct URL Access through web config
    ... I also have a web config ... The problem is when I paste the direct URL into the ... the browser, I can gain access to that page. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Ini file equivalent ASP.Net etc
    ... You could use web config. ... there is a support article about specific entries being cryptable in ... (In case this is ASP instead of ASP.NET try an ASP group instead). ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: authentication mode for specific files?
    ... the web config. ... I have an img tag to an image in ... config file to specify specific files that do not require ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: .Net Programmer Multiple Vacancies
    ... authorization status, expectations and location. ...
    (comp.lang.java.programmer)