How do I create a Rewrite Rule in IIS to temporarily conceal all PDF files?

Question

I've got some PDF files sitting out on a web server, and for the time being I would like to hide them (i.e. have them return 404s). Can this be accomplished in the web.config file with a Rewrite Rule?

In Apache you can do this with something like this:

RewriteRule \.pdf$ - [R=404,L,NC]

How do I accomplish the same effect with IIS?

Are the files placed in a seperate folder ? – Abhinav Galodha Jan 27 '16 at 16:23 — Abhinav Galodha, Jan 27 '16 at 16:23
No they are not; they're in the root directory of the site. – soapergem Jan 27 '16 at 17:07 — soapergem, Jan 27 '16 at 17:07

Abhinav Galodha · Accepted Answer · 2016-01-27T17:33:25.423

1

One way to achieve this is using the HiddenSegments in IIS. HiddenSegments would make URLs inaccessible to clients. Also, IIS will return an HTTP 404 error to the client and log the 404.8 HTTP substatus.

<configuration>
   <system.webServer>
      <security>
         <requestFiltering>
            <hiddenSegments>
               <add segment="pathofpages" />
            </hiddenSegments>
         </requestFiltering>
      </security>
   </system.webServer>
</configuration>

EDIT 1: You can also use RequestFiltering to Deny the PDF extension for the clients. HttpStatus sub code 404.7would be returned. All requests for PDF files will be denied.

From IIS.net

In the Request Filtering pane, click the File Name Extensions tab, and then click Deny File Name Extension... in the Actions pane.

edited Jan 27 '16 at 17:33

answered Jan 27 '16 at 16:42

Abhinav Galodha

9,293
2
31
41

Is there any way to apply this to certain file extensions, and not just to whole folders? – soapergem Jan 27 '16 at 17:06
you can specify the URL of each file as well, not just the folder. – Abhinav Galodha Jan 27 '16 at 17:27
Perfect, Request Filtering is exactly what I was looking for. – soapergem Jan 31 '16 at 04:42

How do I create a Rewrite Rule in IIS to temporarily conceal all PDF files?

1 Answers1