Since your browser does not support JavaScript, you don't see any navigational toolbars above. For now, please use the navigational links offered at the bottom of each page. We are working on a better solution.

Excerpted from CF Advisor, July 1999.

Be Careful in Placement of Database Files:

If you're using Microsoft Access as the datasource for a CF application, you should be very careful about the placement of that database file (the .mdb file) on your web server. It's very tempting to simply place it in the same directory as the application's CF templates, but this would be a potentially grave mistake. If someone can determine (or guess) the name of the file, they can download it very easily via their browser by entering a URL with that directory and file name. The risk to your data, especially any privacy data, is substantial!

The simple solution is to place the file anywhere else on the web server which is not a web-accessible directory. Keep in mind that the database needs only to be accessed by the CF server, not by a browser user directly. The datasource definition in the CF administrator can find the file anywhere on the CF server. There's no benefit--and this tremendous risk--in placing the file in a web accessible directory.

Tips Contents:

See Blogs for
more updated tips
Volume VII (Dec 2002-)
Volume VI (Apr 2001-Dec 2001)
Marrying CF and Java (April 2001-)
Volume V (Apr 2000-Apr 2001)
Volume IV (Dec 1998)
CF4 tips (Sep 1998-Dec 1998)
Volume III (Aug-Nov 1998)
Volume II (Jun-Aug 1998)
Volume I (Jun 1998)
Tips Offered to CF Advisor (1998-1999)
Keyboard Shortcuts
Tips in Progress (ever present)