1) It depends. What is that file doing?
2) Yes. The index forbidden only means the webserver will not spit out a list of files in that directory if no file name is given and no default is set (or present)
3) Define "attacks"
4) Depends on how big your site is, your preferences, and what you are trying to do. You didnt really give enough info to make even a guess.
5) Sure they work. THere are a ton of ways of doing it though. Use them when you want to protect an entire directory.
6) Looks ok to me.
7) Since I know less about your website than I do about 14th century Litature, I coudlnt really say. Ensure you are permissioned correctly. Sanitize your inputs, and protect aginst XSS attacks.
__________________
I rarely give code examples.
No, I have never used IIS or Windows of any kind as a web server. Get a real OS!
Please don't PM me, I won't respond.
|