I would like to prevent web site users to upload some types of files like .zip, .rar, .bat etc...
Looking for general solution that would be applied to IIS server and not to CMS sistems installed on server.
Uploading .zip file should return an error.
you can add and install "File server resource manager" in windows server (from add/remove programs. Bottom link describe all you needed)
and then block all extension group(like executable files or videos file) of specific path(in your case specific path is your upload folder)
follow this link to more details
Related
I have a required to download a file from SFTP server and the file downloaded is stored to local folder say "D:\Data\tempData.csv"
I have to read the data from local file and consume in my application for other data manipulation.
This job is created using web hooks scheduler in Azure Web Jobs.
I am unable to download file to azure and then read from there.
Can some one help me to use a location for temp data which is equivalent to "D:\Data\tempData.csv" in local system in the azure environment.
Suggest a place in azure where can I download file and then to read from there.
Thanks in Advance.
What I tried?
Tried using SSH.NET dll to download file from SFTP to local folder
Again to read from local folder to my application
Tried looking at BLOB storage usage, which was not approved Tech Arch.
In an Azure Web App, you can create files anywhere under d:\home (for persistent files) or under d:\local (temporary files). See this page for more details on the file system. Try using Kudu Console to see those locations.
How you get the file in that location sounds mostly unrelated to your primary question about what location you can use.
In Azure Environment, the "Web-Jobs" are stored in its local folder where known as "D:\home" and "D:\local" is the local folder used by the Web-hooks.
I was in need to use a folder for temporary usage of downloading a file from SFTP server and again read the file from that local temporary location file and consume it in my application.
I have used the "D:\local\Temp" as the temporary folder which is created by the code after checking the folder existence, then after creating the folder the code will download a file from server and store to this location and then read from the same location and delete the file from that temporary folder.
Thanks all for your help, #David Ebbo Thanks.
I'd like to force sharepoint to save files in directory. Is there a way to do that?
I think about this scenario: users upload files to some list / library in sharepoint and automatically or by pushing "publish" the files are copied to some local server's directory.
Edit:
In other words i would like to connect sharepoint library with physical directory in server that runs IIS, so that files uploaded to library were seen in that folder.
I'm new to sharepoint.
Are you talking about Remote BLOB Storage? I have not tried this and assume that RBS can be enabled for a Site level only and not for individual document libraries. If you want this for a particular doc library, you can write an event handler to save the uploaded documents to file system and then remove the uploaded file.
Most likely you don't want to do this. If you're doing it in order to access the files from other applications, or having them show up in a users home directory or something, you can just map the document library as a network drive/web folder.
So, I decided to try to break my website...I googled my site by typing in site:mysite.com/whatever and behold, all of the users uploaded files were available for view under a specific directory.
What kind of script/ counter measure should I use to block these files from being viewed? I already have a script that checks the path and the logged in status, however this doesn't seem to be working. I've looked all over for solutions...but I can't quite find one. I'm using ColdFusion 8.
This isn't a ColdFusion issue so much as a web server configuration issue.
You should either:
configure your web server not to show a directory of files when using a URL without a filename (e.g., http://www.example.com/files/)
drop a blank default web document (index.html, index.htm, default.htm, index.cfm, whatever) into that directory so that it displays that document rather than the list of files. If you use index.cfm, it'll fire your Application.cfm/cfc in your file path and use whatever other security you've built.
(or, better, do both)
The best way to secure your file listings and the files themselves is to store them in another folder outside of the Web site root folder. You can then serve them up using CFDIRECTORY and CFCONTENT. The pages that display the files can check your access controls and only serve the files to those allowed to see them.
I'm using multiple computers for development and I want to be able to store my files in my dropbox folder. I went to change the physical path in IIS from c:\inetpup\wwwroot to the dropbox folder but I get this error:
The requested page cannot be accessed
because the related configuration data
for the page is invalid.
I couldn't find the config file so I was wondering if anyone had done this before or whether there a better way to sync everything nicely across several PCs?
I tried it (IIS 7.5, Win 7) and it should work just fine to let your physical path of your web look at your dropfox folder. I would guess your web.config file generally contains malformed XML (see KB942055).
I'd suggest, try to map it to an empty folder just with an index.html file and see if this error still occurs.
As a workaround, I guess you can put Dropbox in your wwwroot folder and set up a virtual directory that points to Dropbox. However, there are some security issues that may hinder you from doing so. I come across a nice tutorial on how to set up Dropbox to IIS as FTP Publishing. Hope it helps.
Hodgin's guide on using Dropbox as FTP publishing.
I have a default IIS 6 install and I can access only .html files. If I create a html file I can see it on the browser. Any other files like ini for example are not visible (404). Any idea on what can be the issue?
Check the web service extensions are enabled (in IIS below the websites is a folder for them) for the content you are trying to share.
Check that the handler mappings is setup correctly (on the website properties)
This may help :
IIS & ASP.NET blocking file