Sometimes it is required to provide a file on your ASP.NET site, which has to be internally used, but it should not be visible to online users. This is mostly a case, when for example some proprietary configuration data has to be persisted.
To block some specific file open the web.config file of your ASP.NET application and add the httpHandler (HttpForbiddenHandler) as shown in the following example. The installed handler blocks all files with extension .propritary.xml.
<system.web>
<httpHandlers>
<add verb="*" path="*.propritary.xml" type="System.Web.HttpForbiddenHandler" />
</httpHandlers>
. . .
</system.web>
More about this feature: http://support.microsoft.com/default.aspx?scid=kb;EN-US;815152
Posted
Apr 12 2006, 12:43 PM
by
Damir Dobric