stackoom
  简体   繁体   中英

how to give a windows web server directory permissions?

 原文  2012-02-13 21:59:08       c#/ xml/ permissions/ webserver

Question

I have a windows web server and i am using xml for the web.config i currently have extensions permissions set to false for .exe, .bin, and .dll

but i made a directory called "thing" with a .exe in it and i want to write in xml permissions for that directory that lets me download .exe files from it 

 <?xml version="1.0" encoding="utf-8" ?>
 <configuration>
     <system.webServer>
         <security>
             <requestFiltering>
                 <fileExtensions>
                     <add fileExtension=".dll" allowed="false" />
                     <add fileExtension=".exe" allowed="false" />
                     <add fileExtension=".bin" allowed="false" />
                 </fileExtensions>
             </requestFiltering>
         </security>
     </system.webServer>
 </configuration>

help please?

1 answers

solution1
 0 ACCPTED  2012-02-13 23:17:08

From the IIS7 documentation , there are 3 tags that you can use within <requestFiltering> to control URL access:

  • <denyUrlSequences> - This element can contain a collection of URL sequence patterns that IIS 7 will deny; for example: you can deny parts of URL sequences that an attacker might try to exploit.
  • <fileExtensions> - This element can contain a collection of file name extensions that IIS 7 will either deny or allow; for example: you can block all requests for Web.config files.`
  • <hiddenSegments> - This element can contain a collection of URLs that cannot be browsed; for example: you can deny requests for the ASP.NET App_Code folder.

For example: 

<requestFiltering>
    <!-- deny access to any URL which contains /private -->
    <denyUrlSequences>
       <add sequence="/private"/>
    </denyUrlSequences>
    <!-- block all file extensions except js,css,html -->
    <fileExtensions allowUnlisted="false">
       <add fileExtension=".js" allowed="true" />
       <add fileExtension=".css" allowed="true" />
       <add fileExtension=".html" allowed="true" />
    </fileExtensions>
    <!-- hide config and bin dir -->
    <hiddenSegments>
       <add segment="config" />
       <add segment="bin" />
    </hiddenSegments>
</requestFiltering>

You can hide some URLs or block some file extensions, but, as far as I can think, it is not possible to fine-tune the accessibility of specific file extensions by folder just changing the IIS configuration. If this is what you want, you'll probably need to write some server-side code.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to give the permissions to sql server 2008 database to insert the data from client system in c# windows application? setup deployment: How to give permissions to the C: directory application folder database? Using Active Directory and Windows Authentication to give custom roles in Blazor Server Is there a way i can give permissions based on the groups of active directory in my asp.net web application? C# Give Permissions to Everyone in Active Directory Set directory permissions on Windows XP How to give an SPGroup permissions for an SPItem? create users, logins and give permissions in sql server How to “publish directory from a web server”? Web Service Confusion - IIS - How to get web site's current directory and permissions issues
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM