V
vbMark
Hello,
In my web config I have this:
<location path="forum">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
And this works fine for a page named like this:
www.mydomain.com/forum/default.aspx
The problem is this, the forum software that I am using is the old asp so
the default page is this:
www.mydomain.com/forum/default.asp
As a result unauthorized people can get into that directory and on to that
page with no problem.
Am I doing something wrong or did I leave something out?
Let me know if I did not explain the problem clearly enough.
Thanks!
In my web config I have this:
<location path="forum">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
And this works fine for a page named like this:
www.mydomain.com/forum/default.aspx
The problem is this, the forum software that I am using is the old asp so
the default page is this:
www.mydomain.com/forum/default.asp
As a result unauthorized people can get into that directory and on to that
page with no problem.
Am I doing something wrong or did I leave something out?
Let me know if I did not explain the problem clearly enough.
Thanks!