I've moved the /scripts/ directory on a new server, and I'm trying to test that my IIS deny sequence is working correctly to disallow access to the original URL. Can someone give me an example URL inside /scripts/ that should work if I don't have that deny rule, and should be blocked if I do?

bind a domain or subdomain to /scripts/ add a file, foo.txt, browse from an external machine for domain/scripts/foo.txt If that is sucessful then the request filter module works.

Maybe, but I'd rather see the originally shipped files accessible, then not. Just not sure of a URL to get to one. To be clear, I didn't actually move the originals, just changed the setting in the admin to make it accessible at a non-standard URL. So now I need to block the original. This is all per @foundeo' article about this, I'm just being dumb apparently.

try:

/cf_scripts/scripts/cfform.js

Thanks for jumping in Pete. I must have missed some steps here. The original URL still serves that js file, and the one spec'd in cf admin doesn't, whether I use /scripts/ after the URL saved in admin or not. Foo on me, I'll dig into it further.