How to secure DocumentRoot

Hello

I have several virtuel hosts on my Apache webserver running Windows 2000.

Every host has its own DocumentRoot.


ServerAdmin xx@domain.com
DocumentRoot d:/root/domainmap
ServerName www.domain.com
ServerAlias domain.com


With an ASP created program it is possible leave the DocumentRoot and browse
the whole server.

How do I prevent that ?

How do I configure Apache (or ASP or Webserver) so noone can leave their
DocumentRoot (or at least only go forward in maps) ?

Is it possible at all ?

Henrik

Re:

In article <46d8222f$0$19622$4c368faf@roadrunner.com>,
"Jim Carlock" writes:
> Does anyone here know anything about the following IP address...
>
> 212.93.201.123
>

What do you want to know about'em?

The IP address resolves to a machine in the napcogroup.com
domain. napcogroup.com resolves to a company in Saudi
Arabia.

So, now what?


--
Robert G. Melson | Rio Grande MicroSolutions | El Paso, Texas
-----
"People unfit for freedom---who cannot do much with it---are
hungry for power." ---Eric Hoffer