asp.net-mvciis-7
How to disable direct access to web resources for ASP.NET MVC projectcs
I have a web site that runs on ASP.NET MVC. I have of course disabled the directory browsing. I have also added conditions to my RouteConfig.cs file to accept only pages that I want to.
For example:
example.com/example.com/account/loginexample.com/account/register
I also tested that my configs are not accessible directly:
example.com/web.config---> error 404
However, I still can directly access files under content folder and they are not even minified or anything:
example.com/Content/css/style.css-----> 200:Okexample.com/Content/scripts/myscript.js----> 200:ok
Now I see in some articles they recommend adding the following to the web.config file:
<authorization>
<deny users="?" />
</authorization>
But then it blocks the whole site.
I am sure there should be an easy way to handle this. I use Visual Studio to publish it to a machine running IIS.
Does anyone have any ideas how this can be fixed? Thank you.
Solution
You can also try to use url rewrite to block access:
- Why do I get a "Field is Required" error from my API even tough the query parameter is optional?
- Using #pragma statement in Razor View
- Asp.net Mvc 2: Repository, Paging, and Filtering how to?
- Please help me with ASP.NET MVC Paging error
- InvalidOperationException: Cannot find compilation library location for package 'System.Security.Cryptography.Pkcs'
- How to validate uploaded files in ASP.Net MVC
- How do I performance test my ASP.NET MVC website?
- Confirm form resubmission - ASP.NET 5 MVC
- ASP.NET MVC Paging - Passing complex types back to controller?
- ASP.NET Core EF Identity Roles while using JWT Bearer Scheme
- How to handle paging in asp.net mvc?
- Anchor link only works by "Open link in new tab" command
- ASP.NET MVC and Paging - Search & Result Scenario
- How do you implement paging in ASP.NET MVC?
- rendering html as plaintext without stripping whitespace
- Change Default landing page for users in specific Role
- How to simulate Server.Transfer in ASP.NET MVC?
- Not able to install Microsoft.AspNet.WebApi.Cors from NuGet
- ArgumentException: An item with the same key has already been added
- How can I get the client's IP address in ASP.NET MVC?
- EPPlus - .NET - Preserve VBA Project when loading in Excel package
- Saving the changes with AddSync
- Auto-generated "App_Web********.cs" files in temp directory causing build errors
- Paging in MVC .NET Framework not working, how to get it to work
- Pager in .Net Core 2.1
- Paging in webgrid not working in asp.net mvc 5
- Paging with PagedList, is it efficient?
- PagedList.Mvc returns all records from the table
- MVC Paging not working in AJAX Form
- Passing filter as object from View to Controller