Added: April/07/2004 at 1:41am | IP Logged

Disallowed Parent Path

The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory. 

When you get an error like this it is because parent paths are disabled on the web server. This is a setting in the IIS console for your website.

If it is not enabled on you server you will have to ask your host to enable parent paths for your website.

This is what the settings screen looks like on an XP Machine

Additional Information:

It is enabled by default on IIS4-IIS5 but in IIS6 it is disabled by default.
It is a minor security risk to have enabled and some hosts can be difficult about setting it.

Truth is, if your hosting ASP for customers you need to enable this setting if the customer requests it. Especially since 90% of the ASP applications out there require the setting.

Hosting companies should if they are serious about hosting ASP.


If they won't your only option is to go through all the code and convert the file includes to virtual includes.

http://www.powerasp.com/content/code-snippets/includes.asp

The trouble with virtual includes is they are different depending on the layout of your website. (that's why web application developers generally don't use them)

Basically if you are in a sub domain the path for the virtual include is going to be different then if you were in the root.. etc etc

Also.. someone developing on a local machine would need totally different virtual includes on the development server than they would on the live server. Server Side includes are processed before ASP so there is no way to make them SMART, so to speak. Server Side includes are hardcoded and that's that.

In my opinion virtual includes are pretty useless for commercial web based applications...  Since you don't know where the customers plan to install the apps.
And YES there are some tricks when designing the applications that make it less of an issue but they are not perfect solutions.

For example...

The virtual include below would work if the application or code was installed in the root
<!--#include virtual = /somefile.asp"-->

But if the application or code was installed in a directory called "somedirectory" the virtual include directive would need to look like this

<!--#include virtual = "/somedirectory/somefile.asp"-->

Added: June/10/2004 at 1:54pm | IP Logged

I just did a quick google search... found a ton of info on how to find the setting. Here is one...

These are directions for IIS6 but the process is similar for IIS4-5

1. Click Start, click Administrative Tools, and then click Internet Information Services (IIS) Manager.
2. Double-click your computer name in the left pane, and then double-click Web Sites.
3. Locate the Web site and directory that houses the ASP application.
4. Right-click the application site or directory, and then click Properties.
5. Select Home Directory, and then click Configuration.
6. Click Options, and then click to select the Enable Parent Paths check box.
7. Click OK two times.

Added: September/09/2004 at 8:29pm | IP Logged

also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.

etc etc etc

so let me add this bit of info..

I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.

Added: March/23/2005 at 12:46pm | IP Logged

I have just started to move my sites to a new dedicated Windows 2003 box.  I have parent paths enabled, SSI turned on but I still can't get ../ to work with server side includes.  Everything I read online says that I need to turn on parent paths but again, they are already turned on.

The hosting company where the server is located can't tell me anything, they just say that that is the way it is with Windows 2003.  I don't buy it!

Can anyone tell me anything on this issue to help enable the ../ for serverside includes? 

Added: March/23/2005 at 12:52pm | IP Logged

I have never heard of such a thing...
If the settings are enabled for the web it should work.
That is, as long as your include file syntax is valid.

I run my own windows 2003 server (you are on it now) so I should know

for troubleshooting

try a very very simple example... like a file in a folder.. with a server side include to a file under it

and see if that works

use real simple asp files with nothing crazy in them... and an include like this

<!--#include file = "../myfile.asp"-->

Added: March/23/2005 at 1:40pm | IP Logged

I have narrowed it down.  The ../ for includes will not work with .asp files but will work in .shtml files.

any ideas?

Added: March/23/2005 at 1:42pm | IP Logged

... in addition it is a virtual include not a file.  I just tried to use file instead of virtual and then the ../ includes worked on the asp pages.

This is strange because they used to work like that on the 2000 server I had these sites running on.

Added: March/23/2005 at 3:49pm | IP Logged

You are not supposed to use "../" with a virtual include

Thats goes against what a virtual include is and makes no sense.
When using a virtual include you give the path as if accessing from the root of the main web / virtual directory

I find it very hard to believe it ever worked like that and if it ever did it was wrong.