Update Site Security Suggestions

Does anyone have any suggestions for some security on the .wys/.wyu update files being hosted on an IIS site?

Hey Scott,

Security in what sense? You can make sure the updates aren't being tampered with by using update signing. And/or you can limit updates to customers who have an upgrade contract with you (see: How to prevent or limit updates).

Tell me if this helps.

That does indeed help. Thanks!

Though I was more thinking someone could just go to http://mysite.com/myupdatefile.wyu and download it. Is the file of any use to them?

Well, it depends on that *.wyu file. Sometimes there are full files in there. Sometimes there are just patch files. Sometimes there are no files whatsoever (just metadata).

So, if you need to protect your files then use the techniques described in "How to prevent or limit updates"" article to limit access to the *.wyu files to only users with a valid product key.