如何加強asp.net 1.1 / 2.0 安全性

 

ASP.NET 1.1： 開啟 C:WINDOWSMicrosoft.NETFrameworkv1.1.4322CONFIGmachine.config 設定： < location allowOverride="false"> < identity impersonate="true" userName="" password=""/> ASP.NET 2.0 以上： C:WINDOWSMicrosoft.NETFrameworkv2.0.50727CONFIGweb.config 設定： < identity impersonate="true"/> 如果沒有此兩項，分別進行增加： < location allowOverride="true">  改為：< location allowOverride="false">         < system.web>             < securityPolicy>                 < trustLevel name="Full" policyFile="internal"/>                 < trustLevel name="High" policyFile="web_hightrust.config"/>                 < trustLevel name="Medium" policyFile="web_mediumtrust.config"/>                 < trustLevel name="Low" policyFile="web_lowtrust.config"/>                 < trustLevel name="Minimal" policyFile="web_minimaltrust.config"/>             < /securityPolicy>         < trust level="Full" originUrl=""/>         < identity impersonate="true"/>  < !--  這裡增加 -->         < /system.web>     < /location>