DISABILITARE ADBLOCK

ADBlock sta bloccando alcuni contenuti del sito

ADBlock errore
5 Characters minimum

Question

codeproject.com Main source: https://www.codeproject.com/questions/43935/RARS3LV

Hide connection string in a hosting environment / no registry access

My hoster doesn't allow access to their registry so the published ways to encrypt connection strings won't work. Up to now, I just included the connection strings in the code behind, precompiled the web pages, and stored the customer data in a different database from the aspnetdb.mdf. I don't know if this really enhances security. And it would be fine to hide the connection to the membership data as well. Does anybody know a way to do this?
Thanks
Fritz

Leggi tutto

Solution

The .Net Framework supports encryption of connection strings in the app.config file.  This replaces the need to use the registry.

See this MSDN article[^] for more details. 

YOU ARE NOT SATISFIED ?

OTHER TIPS

I started trying with DpapiDataProtectionProvider 3 years ago but I tried again today. That works fine locally but it doesn't work on the server of my hosting provider. When I upload the encrypted config file, the host machine doesn't know what to do with the cypher. If I try to encrypt on the host machine, only part of the connectionStrings is encrypted (not the sensible parts), and the system stops recognizing any code in the config file. It seems to be a question of trust level, which is a hot subject for web hosters.

USEFUL SOURCES

CodeProject
Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow