Protect My Web Application
let say a customer buy the pay version. there is a chances for him to give other people to install it n use..is there any way i can block it. 1 application only for 1 person / domain name. any suggestions on the coding part.
View Replies
ADVERTISEMENT
how can you protect the .mdb that an asp page modifies? This must be open to all for modifications right? But how can it be hidden so people can't just download it if they guess the path?
View Replies
View Related
I'm trying to protect a directory from users not logged in.
Let say i'm trying to protect a direcory called files.
I only want the user to acces the files when they've logged in.
http://www.sitename.com/files/filename.doc
Even though they know the name and path i want to prevent people from downloading the files.
I don't want the user to be able to send out the link to another friend without logging in.
Is this possible i'm using a wiindows server.
View Replies
View Related
how to protect any files inside a directory from unauthorized download?
View Replies
View Related
I have several PDF and MPG files I would like to provide to users to
download via HTTP. I also have a database of user accounts. I would like to
protect the PDF and MPG files so that users cannot "save target as" or "view
source" to directly link to the files.
My first thought is that I would have to remove anonymous access to these
files and/or their parent folder within IIS. I was thinking that I could
then create a Windows account called something like WebUsers and give it
access to that folder. I'm hoping to write some ASP code that authenticates
my users against my own database and, if successful, logs them into IIS via
the WebUsers account (so that all my users share the same account).
My problem is I cannot find an code or method or object to do this. Is there
some simple function that I can use to pass a username, pw, and domain to
IIS to authenticate the user that would then carry through for them to be
able to download non-ASP (PDF, etc.) content?
View Replies
View Related
Ok, this is the setup:
I have archived PDFs, but I want to restrict access to them to members only. Right now, my members only site uses a session variable to log in users.
Is there anyway to set it up so that users cannot open the PDFs unless they're logged in???
The problem is the members only site is seperate from the site where the PDFs reside. That is, a user goes to mymagazines.com and searches for sometext, and a list of links pops up with all the relevant matches, mostly PDFs. This entire process, is free for all to use.
But when they actually click on the link to the PDF, I want them to log in to the members only site. Is there any way to do this?
View Replies
View Related
I have a protected area for a personal portfolio, whereby a client will have login details, and have access this way. Because the work has been done within companies I have to hide this from the general public, due to stupid legal issues.
I have a download directory whereby files are linked. People cannot access the portfolio, however people can type a full path to say the downloads directory and grab a file this way.
Because this is not a managed area as such I am unsure how to disallow such a download or viewing of pdf files without a successful login. Perhaps this is something to do with the host.
View Replies
View Related
i've developed an appliaction that i want to sell it to my client, but dont want him to reseller it, so is there any solfware or techniques that i can used to protect my asp source ?
View Replies
View Related
I'm selling asp softwares on the net and I would like to find a way of protecting these softwares with a key or something. Would you know any solution for that?
View Replies
View Related
I'm after a script that will allow me to password protect a page, but allow multiple users. IN that I mean I can have 5 people with different usernames/passwords who can all access the same page.
View Replies
View Related
I have a simple 2 page frameset that I am trying to protect using asp. I've
included the following code listed below at the top of each page including
the frameset page in an attempt to protect each page from unauthorized
access.
When I open any of the pages in the frameset individually, I am
presented with the proper login page as expected, however if I open them
thru the frameset page, redirection to my login page does not occur. Code:
View Replies
View Related
I am working on a web site that uses ASP 3.0 with Microsoft SQL Server at the backend. ASP is used to query the database and fetch data and display it on the web page. I am seeking a technique that can protect my ASP pages from being downloaded.
What I mean by this is that when a visitor runs a search query on my site and the results are displayed on the web page with .asp extension I want to restrict the visitors from saving those pages on their hard drvies. Is there a technique to restrict visitors from saving .asp pages, or may be a 3rd party component that does this.
View Replies
View Related
is it possible to protect ASP code in some way? Can it be compiled, or
otherwise protect the source somehow?
View Replies
View Related
I have a small ASP application that has no OCXs (so there is nothing for the users to download, etc) and no DLLs (so nothing to register).
Currently, I only allow prospects to demo it online through my server and then they get the files (source code) when they purchase it.
What I would like to be able to do is allow them to trial it on their servers for a limited period, but I don't know how to protect my code from being seen, used (if they don't pay) or copied?
Can you please suggest the possible ways of doing this? I know that you can copy functions into a compiled DLL and then protect the DLL, but then I would have to run an install program to register the DLL, correct?
View Replies
View Related
Is there anyway for me to make users enter an username and password in order to get access to download a pdf file.
I will have a list of valid usernames and passwords?
View Replies
View Related
what is the best way to protect the connection strings keeping an effective, low overheaded access to them ?
View Replies
View Related
I have one registration form with "submit" button. I don't know how to make protection from automatic submit (with picture and security code)?
View Replies
View Related
I have a website which contains certain files (ppts, pdfs) in its root directory. By directly giving in the URL in the address bar, anybody can access the files. I want the users to be logged into the website in order to access them.
For example, if the file location is http://abc.com/my.ppt, I would want the user to be redirected to the login page of the website when he/she tries to access this link. If already logged in, the file should download. How can this be done?
View Replies
View Related
I'm more of a LAMP person than an ASP/windows type (I'll be honest I haven't got a clue about ASP). Anyway, I'm looking for a way to password protect a file. Normally under a unix box I would just use .htaccess and .htpasswd to use http authentication but I don't have a clue how I would do such a thing under a windows box.
View Replies
View Related
the page is to be able to allow a user to enter a password so as to download documents. It does not meant for any users to download. It is for some specific users. What I want is to send them a password through email, but I want to know who's has downloaded.
View Replies
View Related
Is it a way I can protect my documents and images on a webserver without having direct access to administrate the webserver.
When I make an asp page I protect the information pulised on this page easy. But if I link to some images and pdf files on my site, these are not protected. If a person get the url to this image or file thei can easy download it.
One way to protect these files is to store them in a database, but is there another way to protect them.
Can I for example password protect a folder where I can put all my files and images? Here I mean password protect a folder without having direct access to the webserver.
View Replies
View Related
I have got a password protected page which works OK.
What I need and cannot get to work is a Session Variable,
so that if someone try's to open a page that is
PASSWORD PROTECTED it will redirect user to logon page.
i.e. someone enters correct username AND password,
which open up a page. From this page I want to open
just one other page which is protected. Code:
View Replies
View Related
I am trying to figure out a good way to go by protecting from sql injections, but still letting people be able to post those symbols etc...
View Replies
View Related
ASP Session/Cookies, Help to Protect Page from Non users I am a beginner and very urgently need some help
I have created a asp page, that takes in a username and password and validates it as follows and then if true continues to the pages requested.
Code:
'Read in the password for the user from the database
If (((Request.Form("txtUser")) = rsCheckUser("User_pass")) and (rsCheckUser("User_lev") = 1) ) Then
'If rsCheckUser("User_level") = 1 Then
'THE ABOVE CHECKS THE INFO IS CORRECT AND IT REDIRECTS TO THE PAGE BELOW and Session=True
'If the password is correct then set the session variable to True
Session("blnIsUserGood") = "True"
'Redirect to the authorised user page and send the users name
Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
End If
Now this code takes you to page :Response.Redirect"user_self_update_form.asp?ID=" & rsCheckUser("ID") & ""
Which is something like /project/user_self_update_form.asp?ID=1
Since after the login you do to this, you are allowed to see this page.
But The page user_self_update_form.asp?ID= can also be access if you just put the link on the browser. Lets say i log in as ID 2, and just change the ID to 3 on the address bar in the browser, i will log into someone elses page.
How to i block this from random access and only the SPECIFIC USER?
Code for user_self_update_form.asp (the protected page unless you are logged it):
The Session = False part just does not work here, so if you get this link of someone, you can just get it, and you are not redirected.
<%
'If the session variable is False or does not exsist then redirect the user to the unauthorised user page
If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) = True then
'Redirect to unathorised user page
Response.Redirect"unauthorised_user_page.htm"
End If
%>
<%
'Dimension variables
Dim adoCon 'Holds the Database Connection Object
Dim rsGuestbook 'Holds the recordset for the record to be updated
Dim strSQL 'Holds the SQL query for the database
Dim lngRecordNo 'Holds the record number to be updated
'Read in the record number to be updated
lngRecordNo = CLng(Request.QueryString("ID"))
and all the other protected into here:
View Replies
View Related
One of my clients asked me to do a login script for their users that would direct them to a secure page which is protected by checking if the user has logged in (session variable).
The secure page has a number of links to some PDF documents but she is concerned that anyone with the absolute link to the PDF would be able to access the documents.
How can we secure the documents from anyone using the absolute url?
The site is on a Windows 2003 server.
I was thinking something along the lines of how music downloads work where you dont actually get the link to the file and instead are directed to it.
Any other ideas??
View Replies
View Related
I have downloaded a nice upload script from the internet, it works great, but I would like to have it protected,so that only the admin user can use this upload page, I'm getting the following error:
Microsoft VBScript runtime error '800a01b6'
Object doesn't support this property or method: 'Request.Session'
If I change it in Request.Cookies, that won't work either.....
View Replies
View Related
is there any way to protect files or a folder from unauthorised access, i.e.when a variable is false?
e.g.
when variable li = 1 then grant access to folder and files within
when variable li <> 1 then deny access
i have a folder with images and word documents i only want people with the variable set to 1 to be able to access them.is there a way?
View Replies
View Related
We have our web-site developed in classic ASP, and I need to add this additional feature on one of the pages to access a VB application. How can I do that? The VB application basically sends output to the COM3 port and opens a USB-Cash drawer that is attached to it. I am not sure how to go about with this.
View Replies
View Related
I have a client who wants to password protect a learning course that is set up in modules. Each module needs to have it's own password protection so users can only access them as they progress through the course.
Each user should have their own password (for each module) and, said client would like the password to expire for the user at some (predetermined?) point. Is this possible? It seems like a lot (in terms of setup), but I don't know much about password stuff.
If it is possible, can someone give me an overview of how it works (theoretically) or where to find more specific info on setting something like this up (in ASP.net)
If it isn't possible, can someone suggest what is more reasonable in terms of protecting the modules?
View Replies
View Related
Sometime this morning our classic asp web application stopped
authenticating against active directory. This is our only "classic" asp
app that authenticates against ad. Note that this app has been in
production for three years with no problems. All .NET apps are
authenticating fine from the same server. This same classic asp app
authenticates fine from our development server. There have been no code
changes to this app.
We're using the login id and password to bind the necessary ad objects
- we check for err.number - if equal to zero, we're authenticated, if
not equal to zero then authentication failed.
We checked with the network people and they say ad is working fine and
the server is able to authenticate. The app doesn't go through a
firewall -so no hang up there. The guys who manage the web server say
they haven't made any changes to it. They confirmed that the app is in
the correct app pool so it doesn't conflict with 2.0 apps.
I'm stumped.
View Replies
View Related
I remember coming across a MS tool that would allow me to monitor the performance of all aspects of a DNA based application - all the way from the ASP level to MS SQL server. It was part of the NT resource kit. I am trying to locate this tool for Win 2000. Can someone who has come across such a tool help me
View Replies
View Related
I've just been given some code to decipher in classic ASP and have come across this function (Application()) in several instances. I can't seem to figure out what it does?
View Replies
View Related
I am about to create a web application using asp and vbs to build an online
roster for a department of 25 people. The roster covers some 10 shifts a
day, 7 days a week always starting on a Sunday. I will be using an access
database file to hold the information. At this this stage I will hold all
the data for each week based on the date that the week starts.
I am looking for ideas on how to dynamically give the user the option to
choose any given week in any given year, always starting on a sunday. Could
this be created on the fly or would it be easier creating a database table
holding the dates for Sunday for a year or 2 ?
Once a week is chosen a check on the database will determine if that weeks
roster has been created or not. If not a user with the correct permissions
can then create it.The rosters are currently written out by hand. It is a labourious task which must have certain numbers of staff working each shift for a given day. By
creating a web application automating the checking process and making the
roster available online and by email will make life easier for all staff
involved.
View Replies
View Related