SQL Server administration and T-SQL development, Web Programming with ASP.NET, HTML5 and Javascript, Windows Phone 8 app development, SAP Smartforms and ABAP Programming, Windows 7, Visual Studio and MS Office software Kodyaz Development Resources
Development resources, articles, tutorials, samples, codes and tools for .Net, SQL Server, Windows, Windows Phone, SAP and ABAP, like SAP UI5, Screen Personas, etc.






.NET Framework, ASP.NET

ASP.NET, Windows Forms, Controls, .NET Framework and Visual Studio Articles

ASP.NET Forums

Visual Studio Forums

.NET Development Blog

Certification Exams Blog




Configuring ASP.NET File Upload Security Permissions on Upload or Download Folders


It is a common application that web sites or web applications allow users to upload files to storage folders or file storage databases.
But sometimes configuring security NTFS permissions for download or upload folders may be confusing and frustrating.
For ASP.NET applications, IIS (Internet Information Server) let's the ASP.NET machine account to process the asp.net web requests.
Here you can find screenshot summarizing and displaying how the ACL (Access Control Lists) is arranged for an upload folder for an ASP.NET web site application.





In this sample we have a donwload folder named FSBDownloads.
This download/upload folder is configured as a virtual folder in the IIS console with an alias name "Documents".
Using the IIS Management Console, the Documents virtual folder is configured as shown in the below screenshot.
The Documents folder is allowed for "Write" which differs upload folders from ordinary web application folders.
On the other side, if we put the web server aside, if we look at the security properties of the download/upload folders for file system security, you can see that the ASP.NET Machine Account is configured with Modify (and also Write) permissions on the folder ACL.

file upload security configurations of an upload folder for a web application












Copyright © 2004 - 2017 Eralper YILMAZ. All rights reserved.
Community Server by Telligent Systems