Menu
How can we encrypt the connection string section in web.config file?
338
config based connectionstring as seems is unsafe, because one can read it. But think about it, if a person can read your web. config, means he can edit any file on your server anyways as he probably already hack or gain access to file.
To save having to visit external links, in C:\Windows\Microsoft.NET\Framework\v4.0.30319 (for .NET 4 / 4.5)
aspnet_regiis.exe -pe "connectionStrings" -app "/YourWebSiteName" -prov "DataProtectionConfigurationProvider" To decrypt connectionStrings section using this tool, you can specify following command in aspnet_iisreg.exe tool.
aspnet_regiis.exe -pd "connectionStrings" -app "/YouWebSiteName" Rahul, converting a string from ASCII to base64 string isn't an encryption, which is what your first link suggests. We can easily convert base64 to ASCII.
Using configsection.protectSection() with an RSA key is a proper encryption that is available for sections of the Web.config file.
Check this link: http://www.beansoftware.com/ASP.NET-Tutorials/Encrypting-Connection-String.aspx
Please note, that we can not encrypt Web.config file in a shared hosting environment where Trust level is set to medium trust.
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
