Best way to protect your .mdb
Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=1491
Printed Date: 30 March 2026 at 3:59pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: Best way to protect your .mdb
Posted By: markmied
Subject: Best way to protect your .mdb
Date Posted: 30 March 2003 at 2:24pm
|
What is the best way to protect wwForum.mdb file, beside renaming it? If you know the file name you can easily download it. Any suggestions?
I tried looking for answers but there is simply too many posts. 
|
Replies:
Posted By: michael
Date Posted: 30 March 2003 at 2:51pm
|
It is actually described very well in the forum documentation when you download it. Most important> Put your mdb outside of your web so it can only be accessed from within code. Depends on your host if they support it though. My host for example associated mdb with some script like asp (don't know what they picked) and when you try to download it, it just gives you a script error. ------------- http://baumannphoto.com" rel="nofollow - Blog | http://mpgtracker.com" rel="nofollow - MPG Tracker |
Posted By: Gullanian
Date Posted: 30 March 2003 at 3:29pm
| you can also password protect the database, set the password to something pretty random, be sure to change the connection string in the configuration files however |
Posted By: Bunce
Date Posted: 30 March 2003 at 4:26pm
|
One that doesn't come up very often, that Michael was sort of referring to, was that you can actually rename your database you have an asp extension. This means that it can't be downloaded as it will (attempt to) be processed by the dll on the web server. Will still work if you point your connection string to this file. Cheers, ------------- There have been many, many posts made throughout the world... This was one of them. |
Posted By: markmied
Date Posted: 30 March 2003 at 4:39pm
| Thank you all for replies. |
Posted By: xeerex
Date Posted: 30 March 2003 at 5:16pm
|
The asp trick works well. Also, rename it to something with a random alpha-numeric name. You can set permissions on the database itself to WRITE only and remove READ and remove all others. Usually, your host can do this if you aren't hosting your own website. Password-protecting the database is not a bad idea; however, it can be cracked easily with several programs found on the Net. ------------- http://webspacegeeks.com - Need Hosting, Domains, Dedicated Servers? http://www.smartergeek.com - web design | pc support | training | podcasts | video production |
Posted By: eaglesexec
Date Posted: 30 March 2003 at 8:40pm
|
hmmm. i know the name of my DB and when i just type its URL in the browser window it will show me a page not found 404 error... its in a database folder... i think my hosting people have to do with this. probably one of their security measures. ------------- A good plan, violently executed now, is better than a perfect plan next week. -General George S. Patton. |
Posted By: Julian_Brunt
Date Posted: 01 April 2003 at 2:57am
I will agree with that, you can also encrypt your DB 1st and then rename it with an asp extention. This is kind of standard practice as I have been given this information for other web apps.. ------------- Struggling to keep up.... |
Bunce wrote: