This website contains links to software which is either no longer maintained or will be supported only until the end of 2019 (CKFinder 2). For the latest documentation about current CKSource projects, including software like CKEditor 4/CKEditor 5, CKFinder 3, Cloud Services, Letters, Accessibility Checker, please visit the new documentation website.

If you look for an information about very old versions of CKEditor, FCKeditor and CKFinder check also the CKEditor forum, which was closed in 2015. If not, please head to StackOverflow for support.

Installation Instructions

Follow these instructions to install CKFinder for ASP.NET on your website.

  1. Copy the distribution files to your web server and place them in the /ckfinder/ folder (or any other folder of your website).
  2. Create a new folder on the server that will be used to store all uploaded files. By default, CKFinder is configured to use the /ckfinder/userfiles/ folder of your website.
  3. Make the user files folder writable for the Internet user. On Windows systems, give write permissions to the IUSR_<ServerName> user.
  4. Edit the config.ascx file. Make sure you have correctly set all settings in that file, and that you have enabled CKFinder. See Configuration for more information.
  5. Create a reference to the CKFinder.dll file in your project by using one of the methods described below:
    - manually copy the CKFinder.dll file (it is located in the ckfinder/bin/Release directory) to the bin directory of your website,
    - or in your Visual Studio.NET project, right-click References in the Solution Explorer section, use Browse to select the CKFinder.dll file from the directory you have saved it in.

You should be ready to go. Open the _samples/aspx/standalone.aspx page in your browser to test and see CKFinder in action.

Security Tips

While installing and configuring CKFinder, keep the following important issues in mind.

  • In IIS, you may set Execute Permissions to "none" in the properties of the user files folder (the folder created in step 2 above).
  • The config.ascx file contains many important security settings. Make sure you have reviewed and understood all of them.
  • Implement a full authentication solution in the CheckAuthentication() function, for example based on session variables. Do not simply "return true" from it as it will make it possible for any user (including anonymous users) to upload and delete files on your server.
This page was last edited on 21 April 2011, at 10:50.