Normal practice is to store connection string(database, excel, etc.) of any web application in web.config file.
But on security point of view placing the database connection string or any of that sort in a web.config file without encryption is not secure at all.
So it is mandatory to protect the configurations like connection strings etc. That means place only the encrypted connection strings in web.config file.
To encrypt a section of your web.config execute the following command in the visual studio command prompt.
aspnet_regiis -pef “section name to encrypt” “Physical path of the web application”
Eg:-
aspnet_regiis -pdf “ConnectionString” “D:\MyWebApp\MyBlog”
To decrypt the encrypted section on your system use the following command
aspnet_regiis -pdf “section name to encrypt” “Physical path of the web application”
Eg:-
aspnet_regiis -pdf “ConnectionString” “D:\MyWebApp\MyBlog”
parameter -pef is used for encryption and -pdf is for decryption.
OWIN (Open Web Interface for .NET) is an interface between web servers and web applications…
JSON (JavaScript Object Notation) is a commonly used data exchange format that facilitates data exchange…
The CAP theorem is also known as Brewer's theorem. What is CAP Theorem? CAP theorem…
Some of the Key factors that need to consider while architecting or designing a software…
The Interface Segregation Principle (ISP) is one of the SOLID principles of object-oriented design. The…
The Single Responsibility Principle (SRP), also known as the Singularity Principle, is a software design…