Provides you with an in-depth understanding of four security methods for Access databases

I. Password-based give the database a random and complex name to avoid being guessed and downloaded. This method was very popular in the past, because everyone was confident in their own code. However, with the error message indicating that the database address is leaked, the database is illegally downloaded. This method is used by fewer and fewer users. 2. Add the # sign in the database name to request from the URL

I. Password-based give the database a random and complex name to avoid being guessed and downloaded. This method was very popular in the past, because everyone was confident in their own code. However, with the error message indicating that the database address is leaked, the database is illegally downloaded. This method is used by fewer and fewer users. 2. Add the # sign in the database name to request from the URL

I. Cryptographic

Give the database a random and complex name to avoid being guessed to be downloaded. This method is popular in the past, because everyone is confident in their own code. However, with the error message indicating that the database address is leaked, the database is illegally downloaded. This method is used by fewer and fewer users.

Ii. "#" Type

Add the # sign to the database name. When requesting from the URL, # Is a separator between the request address and the request parameter. If you know the database name, you can directly request it, for example :#. mdb, the WEB server will regard the request as access instead of access #. mdb, so the system will prompt that the file cannot be found, but unfortunately, there will be a special representation for these special characters in the URL, # The special representation is % 23, for example, % 23.mdb, then access #. mdb will be downloaded. You can also download it directly if you use a download tool such as FlashGet.

Iii. asp

This is a professional but safe practice. It is also a popular practice. However, many people only make half of the work, but change the data name to ASP, in this case, you can directly download the database using a download tool such as FlashGet. The correct method is as follows:

Create a field in the database with random names. The type is OLE object and the content is set to single-byte type"

After this code is run, a nodownload table is generated in the database, and the field in the table is notdown. If a data table with the same name already exists in the Database, change nodownload in the Code to the name you want.

Iv. asa type

The true meaning of this method is to use IIS to protect the ASA file, so that the database file cannot be directly downloaded from the URL, but this method is misunderstood as long as the file suffix is changed to ASA. You must know that IIS only applies to global. the asa file name is protected by requests. Therefore, this method can only set the database name to global. and set it to global. it is better not to place the asa in the root directory of the host or virtual directory, otherwise it will be normally global by IIS. the