ASPASP.NET网站中怎么防止Access数据库被别人下载
如何防止Access数据库下载是一个很老的话题了,网上的讨论也比较多。这里我们给出几种在ASP.NET下防止Access数据库被下载的方法。 我们这里假设Access数据库名字为 test.mdb。 1、把数据库放在WEB目录外 如你的网站目录是D:www,你可以把数据库放到D:data 这
如何防止Access数据库下载是一个很老的话题了,网上的讨论也比较多。这里我们给出几种在ASP.NET下防止Access数据库被下载的方法。
我们这里假设Access数据库名字为 test.mdb。
1、把数据库放在WEB目录外
如你的网站目录是D:www,你可以把数据库放到D:data 这个文件夹里,然后修改网站程序中的数据库连接字串地址部分为:"D:datatest.mdb" ,这样数据库可以正常调用,但是无法下载的,因为它不在网站目录里。
假设在web.config中配置数据库连接字符串。例如:
2、把数据库放在App_Data系统文件夹下
从.Net2.0开始有App_Data目录来专门存放数据文件,它可以用来放Access,SQL Server Express、XML等数据文件。数据库文件放到App_Data文件夹的好处就是可以防止被下载。而对于连接字符串数据库的文件位置可以使用DataDirectory关键来表示它的物理路径,从而在获取连接字符串的时候不再需要使用Server.MapPath()转换。
假设在web.config中配置数据库连接字符串。例如:
|DataDirectory|就是代表的app_data文件夹。
3、重命名数据库文件
将你的 Access 重命名 *.asax:因为 ASP.NET 的处理机制中,默认情况下,对这样的请求是直接拒绝的。按照这个思路,还可以把 Access 重命名为 *.config,*.vb, *.cs 等等。
4、配置IIS,添加.mdb文件类型映射
添加.mdb的扩展映射这个方法就是通过修改IIS设置来实现。只需2个步骤。
1. 配置IIS,将.mdb文件类型映射到ASP.NET ISAPI。
以windows 2003为例,点击“开始”-》运行-》输入“inetmgr” 回车,打开“Internet 服务管理器”。在某一个网站上单击鼠标右键-》点击“属性” 弹出此站点的属性对话框。点击“主目录”选项卡,点击“配置”按钮,则会显示“应用程序配置”对话框。点击“添加”增加一个映射,这时会显示一个对话框,要你输入可执行文件:“C:WINDOWS Microsoft.NET Framework v2.0.50727 aspnet_isapi.dll”;输入扩展名:“.mdb”。如下图所示
2. 配置asp.net的web.config文件,将.mdb文件类型映射到HttpForbiddenHandler HTTP handler。
使asp.net应用程序.mdb文件类型映射到HttpForbiddenHandler HTTP 句柄。为了达到这上步,必须将下面的配置加到Web.config文件中
5、添加ACCESS防下载字段
该方法的原理是:将数据库的扩展名变成.aspx格式,从远程访问这个文件的时候,IIS服务器就会把它当成aspx程序来执行,而我们之前在ACCESS数据库中插入了“”标记中才能执行,所以就会出现 “缺少脚本关闭标记” 的500错误,别人就无法下载ACCESS数据库了。如果只是简单的在数据库的文本或者备注字段加入“
1、先创建一个表,在SQL命令窗口内输入如下内容:“create table [notdown]([notdown] oleobject)”
然后点击工具栏中的“!”(运行),这样,就会在当前数据库内创建一个“notdown”表,其中的字段名称为“notdown”,字段类型为“OLE对象”。 如图1
(图1)
2、将SQL查询窗口中的内容更改为如下命令:“insert into [notdown](notdown) values (0x3C25)”
这一句的意思是向“notdown”表的“notdown”字段中插入“0x3C25”数据(“0x3C25”为字符“
(图2)
执行完毕后,再次查看数据库中的“表”,,就会发现其中已多了一个“notdown”表,打开后字段显示的是“长二进制数据” 如图3
(图3)
admin10000.com 这里已经做好的防下载数据表notdown,你可以直接下载粘贴到自己数据库中使用。notdown数据表
提示1:无论是ASP网站中还是ASP.NET网站,对于直接把Access数据库后缀直接改为.asp和.aspx,用FlashGet等下载工具都照下不误,不能起到防下载作用。
提示2:第5种方法通常用在ASP+ACCESS网站中。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1392
52
36
110
MySQL: An Introduction to the World's Most Popular Database
Apr 12, 2025 am 12:18 AM
MySQL is an open source relational database management system, mainly used to store and retrieve data quickly and reliably. Its working principle includes client requests, query resolution, execution of queries and return results. Examples of usage include creating tables, inserting and querying data, and advanced features such as JOIN operations. Common errors involve SQL syntax, data types, and permissions, and optimization suggestions include the use of indexes, optimized queries, and partitioning of tables.
Why Use MySQL? Benefits and Advantages
Apr 12, 2025 am 12:17 AM
MySQL is chosen for its performance, reliability, ease of use, and community support. 1.MySQL provides efficient data storage and retrieval functions, supporting multiple data types and advanced query operations. 2. Adopt client-server architecture and multiple storage engines to support transaction and query optimization. 3. Easy to use, supports a variety of operating systems and programming languages. 4. Have strong community support and provide rich resources and solutions.
How to use Debian Apache logs to improve website performance
Apr 12, 2025 pm 11:36 PM
This article will explain how to improve website performance by analyzing Apache logs under the Debian system. 1. Log Analysis Basics Apache log records the detailed information of all HTTP requests, including IP address, timestamp, request URL, HTTP method and response code. In Debian systems, these logs are usually located in the /var/log/apache2/access.log and /var/log/apache2/error.log directories. Understanding the log structure is the first step in effective analysis. 2. Log analysis tool You can use a variety of tools to analyze Apache logs: Command line tools: grep, awk, sed and other command line tools.
How to configure zend for apache
Apr 13, 2025 pm 12:57 PM
How to configure Zend in Apache? The steps to configure Zend Framework in an Apache Web Server are as follows: Install Zend Framework and extract it into the Web Server directory. Create a .htaccess file. Create the Zend application directory and add the index.php file. Configure the Zend application (application.ini). Restart the Apache Web server.
What is apache server? What is apache server for?
Apr 13, 2025 am 11:57 AM
Apache server is a powerful web server software that acts as a bridge between browsers and website servers. 1. It handles HTTP requests and returns web page content based on requests; 2. Modular design allows extended functions, such as support for SSL encryption and dynamic web pages; 3. Configuration files (such as virtual host configurations) need to be carefully set to avoid security vulnerabilities, and optimize performance parameters, such as thread count and timeout time, in order to build high-performance and secure web applications.
Summary of phpmyadmin vulnerabilities
Apr 10, 2025 pm 10:24 PM
The key to PHPMyAdmin security defense strategy is: 1. Use the latest version of PHPMyAdmin and regularly update PHP and MySQL; 2. Strictly control access rights, use .htaccess or web server access control; 3. Enable strong password and two-factor authentication; 4. Back up the database regularly; 5. Carefully check the configuration files to avoid exposing sensitive information; 6. Use Web Application Firewall (WAF); 7. Carry out security audits. These measures can effectively reduce the security risks caused by PHPMyAdmin due to improper configuration, over-old version or environmental security risks, and ensure the security of the database.
Solution to MySQL encounters 'Access denied for user' problem
Apr 11, 2025 pm 05:36 PM
How to solve the MySQL "Access denied for user" error: 1. Check the user's permission to connect to the database; 2. Reset the password; 3. Allow remote connections; 4. Refresh permissions; 5. Check the database server configuration (bind-address, skip-grant-tables); 6. Check the firewall rules; 7. Restart the MySQL service. Tip: Make changes after backing up the database.
How to monitor Nginx SSL performance on Debian
Apr 12, 2025 pm 10:18 PM
This article describes how to effectively monitor the SSL performance of Nginx servers on Debian systems. We will use NginxExporter to export Nginx status data to Prometheus and then visually display it through Grafana. Step 1: Configuring Nginx First, we need to enable the stub_status module in the Nginx configuration file to obtain the status information of Nginx. Add the following snippet in your Nginx configuration file (usually located in /etc/nginx/nginx.conf or its include file): location/nginx_status{stub_status
