My client has their site under SSL security...What needs to be done to allow them to access the image folder, as well as upload images.  I have the proper IUSR account giving anonymous access to that folder, but am getting this error within the image selection popup...

 

THE AREA YOU ARE ATTEMPTING TO ACCESS IS FORBIDDEN

 

 

Any help would be greatly appreciated!

 

THX

 

Matt Espo

It has nothing to do with the https.

It looks like the security session of the current user has expired.

 

So is this related to the IUSR account not having proper permissions?  What permissions should the anonymous user have to be able to read/post image files.  Unfortunately, we do not host this server and I cannot see what the Admin has set for permissions on this folder.

 

Thanks for the help!

 

Matt Espo

Matt,

 

I have had this problem too. It is related to the image popup window (and document, media and flash) not trasfering the current sessions to the window. The problem is in the browse_img.asp file line 14

 

If InStr(Lcase(ImageGalleryPath),Lcase(trim(Session("ImageGalleryPath")))) <= 0 or Session("ImageGalleryPath") ="" then Response.Write "The area you are attempting to access is forbidden"
Response.End
End If

 

I found flushing the cache does help, it would be useful of CuteSoft would pass a randomize string variable when calling the popup. It dies badly with Mac safari. I added CacheControl and AddHeader (http://support.microsoft.com/kb/q234067/) and it seems to help.

 

On the site security, if you have access to the server, make a user id for the client to login on, lock the directory down to that user account via NT secuirty, and the allow access only to that user account.