No need to change the file name to prevent IIS files from being downloaded

                  How can I prevent all files in the encry directory from being illegally downloaded? We can apply the application mapping in IIS combined with the IHttpHandler custom permissions in ASP.NET, map the IIS application to all files, and give control to our own implementation of IHttpHandler.
First add the application mapping: open IIS Manager -> right click on the site we want to control download -> in the properties dialog "Configure...", change the file to your own .netFramework ASPnet_isapi.dll path of. Then modify the web.config and add the httpHandlers item under system.web,

<system.web> ... <httpHandlers> <add verb="*" path="encry/*.*" type= "CustomHttpHandler.Class1,CustomHttpHandler"></add> </httpHandlers> ... </system.web> below to implement IHttpHandler 
//------------ ------------file:Class1.cs--------- using System; using System.Web; namespace CustomHttpHandler { ///<summary> ///Summary of Class1 Description. ///</summary> public class Class1 : System.Web.IHttpHandler { public Class1() { ////TODO: Add constructor logic here //} #region IHttpHandler member public void ProcessRequest(HttpContext context) { //TODO: Add Class1.ProcessRequest implementation //string strRefUrl=context.Request.ServerVariables["HTTP_REFERER"]; /* Insert your own code, read the contents of the file and populate the Response, which simply returns an error message* /context.Response.Write("You cannot access this page"); } public bool IsReusable { get { //TODO: Add Class1.IsReusable getter implement return false; } } #endregion } }