asp.net – 拒绝直接访问文件夹(仅允许通过应用程序)

There are two solutions for doing that:

1- You can put your “UsersUploads” folder outside the website
directory,so if your website exist on “c:websiteexample.com” you
can put the “UsersUploads” there “c:UsersUploads”,Like that IIS has
no control over this folder and its files,And your website code will
still have access to this directory as a normal physical path.

2- Stop IIS from serving this folder:

IIS by default doesn’t server some website folders and files such App_Data,App_Code,bin,App_GlobalResourses,App_LocalResources,Web.config,….