limited access to files

i read that if you want to give your users a file that nobody can access via url, yo开发者_如何学JAVAu need to put it in a directory in an upper level of the domain.

on my computer it worked but when i have tried that online what i got is the domain.com and after that the folder that i needed to be 2 levels up

what is the right way to do it?

Where are the files on the server in relation to the web root? For example, if your web root is C:\inetpub\wwwroot\MyApplication\ then you'll want to put the files outside of that directory (otherwise, they're shared like any other file). Then, in your ASP code, you'll control access to that file by reading it in the code and outputting it to users who are permitted to access it.

It sounds like you say you have that latter part working on your local machine already, is that the case? How exactly is it failing on the server?

If you don't want it accessible by any URL from any one, then don't put it in your web server domain at all. If you want it accessible by only certain people, then you need to look into some kind of authentication / authorization technique.