Near the bottom of the dashboard page is has this warning:

DATABASE DOWNLOADABLE: WARNING!! It may be that your database is downloadable. This may mean that someone could download your database and gain access to your admin username and password. For more details please visit https://www.ecommercetemplates.com/help/checklist.asp#asp

I've double checked an the database is not downloadable:
C:\xxx\yyy\data\caladiumworld.mdb

How do I remove the message that it may be downloadable?

Hi, the location is accessible and that's not good. https://www.changedforsecurityreasons.com/data/changed.mdb but IIS does not allow that file extension, further, you need to turn off detailed error messages as that's one way hackers are able to figure out how to hack into your site.

You should really have that database moved outside the root of your site, particularly now that the location is exposed here, where google will pick it up. Move it now!

Thanks,
David

Our server tech assures us the database is not downloadable.

I'm using the same software on the same server in the same configuration for a few other sites and the others do not show this message.

Even if the database is not downloadable it is just prudent and it is not rocket science to create a location outside the web root for the database. I'm not sure why the server tech spend their time checking that it's not downloadable instead of just moving it to tell the truth.

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

Figured out why the admin was showing the database downloadable. There was a file in the root /fpdb/caladiumworld.mdb. It was not the database defined in db_conn_open.asp, which was outsite the root. Deleting it removed the warning message.