Restricting web access to config fileBy default if you place your config file inside your website folder the file content will be sent back after a request, to prevent this you need to add a HTTP handler, this can be acheived by adding the following in the httpHandlers section: <add verb="*" path="*.boo" type="System.Web.HttpForbiddenHandler"/> The above assumes that the config file uses the .boo extension.
|
Sign in to add a comment
