How to prevent Access database downloads is a very old topic, online discussion is also more. Here is only to explore the asp.net to prevent access to the database is downloaded methods, some of the previous method of summary, part of their original. There may be imperfections or even incorrect places, you are welcome to point out the progress together.
The current solutions are mainly as follows:
1. Put the database file outside the site Directory
2. Set IIS directory permissions for database files to be unreadable (IIS Information Services admin-> Select need to set directory-> right--> Properties-> Directory tab-> cancel read check box)
3. Use ODBC data source
All of the above three methods are more classic and more secure, suitable for the direct operation of the server situation (because three methods need to directly operate the server to set up), of course, this is the ASP platform to prevent access to download the solution.
Another solution under the ASP platform is to add a Long Binary tab to the database and modify the file suffix to. asp. (Details can refer to the data table of the Forum database of the Moving network)
4. Rename your Access *.asax: Because the asp.net processing mechanism, by default, such requests are rejected directly, and there will be no resource-consuming problems with the parsing process Shi mentioned. In this way, you can also rename Access to *.config,*.vb, *.cs, and so on.
5. Place your access in the bin directory under your application root (that is, the directory where you put the DLL): It has been found that IIS is configured by default to deny direct access to files in the bin directory, to secure requests for DLLs, and in fact protects the bin Other files in the directory. But for this method, some people question: will have such a consequence, the database reads and writes will cause the assembly to be frequently refreshed, also will session and application unceasingly loses
6. (Personal originality) Another method is to use. NET access control to prohibit anonymous users to download the database, as follows:
Open the configuration file Web.config and add the following configuration under the configuration node:
<location path= "DataBase" >
<system.web>
<authorization>
<deny users= "*"/>
</authorization>
</system.web>
</location>
DB is your database file storage directory, if it is the root directory with <locateon path= "~/database.aspx" > replace it. Adding the above configuration and then modifying the database suffix to. aspx is the type of file that needs to be resolved by IIS.
Because the <deny users= "*"/> statement restricts any anonymous user access path path= All files that need to be resolved under "DataBase."
Note: In either ASP or. NET, add a space to the directly replace the Access database suffix directly to. asp and. aspx, or by adding "#" in front of the filename or the file name, with FlashGet.
