Sign In
Register
Help
Hi All
I would like to encrypt part of my web.config file and are wondering what functionality is provided to do so??
I have downloaded an asp.net tutorial and have tried using the code with no success.
Has anyone else managed to protect their connection strings??
Any help would be greatly appreciated.
Cheers Petetutorial
Page 1 of 1
Encrypting web.config
MultiQuote
#2
- Group: Admin
- Posts: 2265
- Joined: 27-October 02
Posted 01 February 2010 - 06:25 PM
Hi,
I've never personally seen any working solution for encrypting part or all of your web.config, by default any server will not allow a visitor to display this file via a browser unless you specifically tell it too, it would take root FTP access of some sort to actually display your file in which case you'd probably have more to worry about than just your config strings being compromised.
I haven't fully read the article you linked too but it seems that no matter what the encryption method used it must be also be able to be decrypted which means whilst this may slow down a potential attacker, it's probably not 100% foolproof either.
Regards.
I've never personally seen any working solution for encrypting part or all of your web.config, by default any server will not allow a visitor to display this file via a browser unless you specifically tell it too, it would take root FTP access of some sort to actually display your file in which case you'd probably have more to worry about than just your config strings being compromised.
I haven't fully read the article you linked too but it seems that no matter what the encryption method used it must be also be able to be decrypted which means whilst this may slow down a potential attacker, it's probably not 100% foolproof either.
Regards.
Page 1 of 1