Deny users to access a folder

Question

I have this upload file structure link localhost:58707/uploads/interaction/5/Chrysanthemum.jpg

I want to deny all the users to access '~/uploads' directly..

So, I put this in my web.config as I see in others questions here:

  <location path="~/uploads"> //I've tried '/upload' and 'upload' too.
    <system.webServer>
      <directoryBrowse enabled="false" />
    </system.webServer>
  </location>

But it doesn't work. How can I do this?

I would suggest saving the uploaded files to a folder outside of your site root. Then you don't need to worry about it being browsable since it isn't even in the site directory. — Gromer, Oct 02 '12 at 17:18

score 1 · Accepted Answer · edited May 23 '17 at 11:48

1

Check this answer ..

Deny access to 'admin' folder in web.config

Also

http://www.sitefinity.com/devnet/kb/sitefinity-3-x/how-to-restrict-the-access-to-a-given-folder-for-a-specific-role.aspx

edited May 23 '17 at 11:48

Community

1
1

answered Oct 02 '12 at 17:15

Amitd

4,769
8
56
82

score 1 · Answer 2 · answered Jun 16 '13 at 02:17

1

This solution is working for my project: Use App_Data

answered Jun 16 '13 at 02:17

tmorell

549
5
14

Deny users to access a folder

2 Answers2

Linked