I have a web application (asmx) which uses API secret stored in a JSON file.Currently i have put the file in wwwroot/myapp/ folder
string htmlFilePath = HttpContext.Current.Server.MapPath("~/");
string contents = File.ReadAllText(htmlFilePath+@"\file.json");
return contents;
This file is publicly accessable from the browser.How can make this file only accessable by the application?
Create a new folder called, App_Data in your web project and drop your private files there. By default, ASP will forbid the files inside App_Data folder for public access.