Secure everything in directory

I have a web.cofig file inside a directory (see below). If you click on the link to the site, you go to a login page and with the correct credentials, you go to the page you tried to access (standard stuff). If you have a file in there for example, "test.txt", I am current able to type in the direct link and pull that file up. I want to be able to secure the data as well and it is an upload directory so it will always be different names, but they will always be PDF files.

<?xml version="1.0" encoding="utf-8"?>
  <location path="~/Directory/Folder/">
        <allow roles="Role" />
        <allow users="user" />
        <deny users="*" />

Read More


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s