Hi,
>>Opposite of what you're asking but see:
>>
http://support.microsoft.com/default.aspx?scid=kb;EN-US;815152>
>I added this in my web.config and this has absolutely no effect:
>
>
> <httpHandlers>
> <add verb="*" path="*.config" type="System.Web.HttpForbiddenHandler" />
> <add verb="*" path="*.ini" type="System.Web.HttpForbiddenHandler" />
> </httpHandlers>
>
>
>Could it be that this approach is no longer supported in 2.0?
Since MS say these settings are the default I thought you would need to *remove* them from the relevant root web.config. But it was just a thought - haven't had time to check it out..... (Also not at all sure it's a good idea from a security POV)
Regards,
Viv