Ask a Question related to ASP Database, Design and Development.
-
FrankM #1
Database security concerns
I'm about to install a database driven shopping cart. I've read in
cart documentation that my store is not secure if I'm using the
default configuration with an Access database in the public script
folder. I have asked my webmaster and they are not able to place the
database in a non-public folder. How can I solve this situation
without going to SQL Server? Comersus is compatible with SQL Server
but then I will have to pay more for the hosting service. The
documentation of the cart with security tips can be downloaded at
[url]http://www.comersus.com/freeDownloads.asp[/url]
Thx in advance
FrankM Guest
-
'Balance ragged text' concerns
I'm loving 'balance ragged text', are you? I just had a teeny weeny concern though... One bad habit some of the writers at my place have is to... -
Database security
I am planning on deploying a fairly unsophisticated web application using asp. The app will read a user's record from an Access database stored on... -
Legal Concerns
Hi everbody :) . I got a big question for you. This has been on my mind for a very good time now. I am currently developing an application in Visual... -
Adding ASP.NET to IIS5 security concerns
I would like to install the DOTNET 1.1 FRMWRK on a production machine (IIS5 Win2k). It runs ASP and it's locked down with the IIS 2.1 LockDown Tool... -
Voice your concerns
Hi all, If you feel like you have something to say about this new forum design, visit this other Adobe forum and voice your opinion : ... -
Ray at #2 Re: Database security concerns
First thing I'd do is smack the webmaster.
If you absolutely cannot get it outside of the site, I'd employ a number of
methods that would make your DB ~mostly~ secure.
1. Name it laksjdf9834hfaushdf.mdb
2. Then rename it to laksjdf9834hfaushdf.asp
3. Then put it in a dir like
kajsd/akjf34/a.4k,j5./kj34q/3kj4//34kj5/q43/5kj/q45q/435j/345j4j4/5/34kj
(ignore invalid characters - just pressed keyboard randomly)
This isn't the ideal solution by any means, but you do what you can.
Something else I'd do is put the webmaster's personal information in the
database and then send him the link to download it and explain to him that
anyone in the world can get to it. I guess what I'm trying to say is that
you should try to the absolute limit to talk the webmaster into not being so
foolish. Have him post here if he questions the need for keeping the mdb
outside of the site. :]
Ray at work
"FrankM" <frankmalone2003@yahoo.com> wrote in message
news:9bf4f834.0308061022.741f74f5@posting.google.c om...> I'm about to install a database driven shopping cart. I've read in
> cart documentation that my store is not secure if I'm using the
> default configuration with an Access database in the public script
> folder. I have asked my webmaster and they are not able to place the
> database in a non-public folder. How can I solve this situation
> without going to SQL Server? Comersus is compatible with SQL Server
> but then I will have to pay more for the hosting service. The
> documentation of the cart with security tips can be downloaded at
> [url]http://www.comersus.com/freeDownloads.asp[/url]
> Thx in advance
Ray at Guest
-
Bullschmidt #3 Re: Database security concerns
Renaming the database with an .asp extension should get the job done.
But you also might give the database a password. And if you do use an
.asp extension, change it back to .mdb when uploading and downloading so
that your FTP software doesn't transfer the file as text.
Best regards,
J. Paul Schmidt, Freelance ASP Web Developer
[url]http://www.Bullschmidt.com[/url]
ASP Design Tips, ASP Web Database Demo, Free ASP Bar Chart Tool...
*** Sent via Developersdex [url]http://www.developersdex.com[/url] ***
Don't just participate in USENET...get rewarded for it!
Bullschmidt Guest
-
Ray at #4 Re: Database security concerns
"Bullschmidt" <paul@bullschmidt.com-nospam> wrote in message
news:u$uyCRMXDHA.536@TK2MSFTNGP10.phx.gbl...Although much of the data will come through as straight and readable ASCII> Renaming the database with an .asp extension should get the job done.
if someone goes to [url]http://yoursite/yourdatabase.asp[/url], unfortunately.
Good point Paul!> But you also might give the database a password. And if you do use an
> asp extension, change it back to .mdb when uploading and downloading so
> that your FTP software doesn't transfer the file as text.
Ray at work
Ray at Guest
-
Adrian Forbes - MVP #5 Database security concerns
You can still password protect your Access DB and supply
the username and password in the connect string. For more
help on protecting access check the Help that comes with
it or try posting in an Access group. You should couple
this with Ray's idea of putting it someplace that you
can't guess.
I've read in>-----Original Message-----
>I'm about to install a database driven shopping cart.using the>cart documentation that my store is not secure if I'mpublic script>default configuration with an Access database in theto place the>folder. I have asked my webmaster and they are not ablesituation>database in a non-public folder. How can I solve thisSQL Server>without going to SQL Server? Comersus is compatible withThe>but then I will have to pay more for the hosting service.downloaded at>documentation of the cart with security tips can be>[url]http://www.comersus.com/freeDownloads.asp[/url]
>Thx in advance
>.
>Adrian Forbes - MVP Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
