Shahar Gvirtz's Weblog

How To: Prevent running ASP / ASP.NET code in specific folder

Sometimes, you may want to prevent running ASP or ASP.NET code in specific folder, for security reasons for example.
In this case, you have to follow these instructions (Windows Server 2003, IIS6):

  1. run inetmgr, the IIS management consoleimage
  2. Right-Click on the folder you want to disable ASP/ASP.NET inside
  3. Open the properties window.
  4. image In the "Directory" tab, in the "Execute Premissions list, choose "None". Now, It's impossible to execute ASP files or CGI scripts in this folder.
  5. Make an application for this folder, by clicking "Create" button.
  6. Click on the "Configuration" button.





  7. image In the "Wildcard application maps" section, choose the aspnet_isapi.dll item, and click Removee.

That's it!
Now, it's impossible to execute ASP or ASP.NET code on this folder.

Shahar.

Posted: Mar 16 2008, 02:54 PM by shahargs | with 7 comment(s)
Filed under:

Comments

Mark said:

it's a good idea to do this to folders where users can upload content.

# March 16, 2008 4:50 PM

shahargs said:

Yes, I did it for a folder where users upload content to.

# March 17, 2008 2:50 AM

DotNetKicks.com said:

You've been kicked (a good thing) - Trackback from DotNetKicks.com

# March 17, 2008 10:50 AM

Work for stay at home moms. said:

Wahm com the online magazine for work at home moms. Work at home moms message boards.

# November 3, 2008 6:28 PM

DotNetShoutout said:

Your Story is Submitted - Trackback from DotNetShoutout

# November 19, 2008 10:06 AM

orlando personal injury said:

they need to get this security fixed. i have run into this problem before.

# November 14, 2009 4:23 PM

DVD Boxset said:

Some specific folders need an application to prevent the execute premissions and this article has shown a way of doing it.The steps are clear,just that the content needs to be uploaded.The section runs are pretty amazing,learnt something new from here.Directory tabs are there,and it makes it a lot easier.Thanks!

# November 23, 2009 2:05 PM
Leave a Comment

(required) 

(required) 

(optional)

(required)