I have set up a website in my Vista computer. I have html and pl files in the website main directory. Through the execution of these pl files, my visitors create profile data and store them in my subdirectory.

How do I set up a method to allow the pl files to continue to store new data and retrieve existing data from the subdirectory files while not allowing the visitors to access directly to the file in the subdirectory?

I tried this. I used a different machine from WAN side to visit my site. I am able to type in the browser address the full path and the filename to see the content of the data file in the subdirectory.

But if I set the security of the subdirectory to 'deny' for users to block the viewing from WAN site. The pl execution got blocked and cannot access to the data file.

I am used to Unix and Linx, they have execute, write, read setting for each level of users. I can easily allow user to execute but not reading the content. How do I do this in Vista/directory/security setting?