BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
August 7th, 2007, 03:08 AM
Registered User (Join Date: Aug 2007, Posts: 2)
Web.config Security

Hello,

I have just finished building my tbh based website and have deployed it to the final hosting machine and have struck a problem.

The site works perfectly, but I am quite concerned about the security of the web.config file. I am able to encrypt the Connection Strings section, but have had to use an impersonate command to provide username and password access to the database on a separate machine. The mail settings section also holds information like this that I do not want to be readily available. I cannot encrypt these two sections.

Do you have any ideas as to how I can make absolutely sure my site is secure?

Many thanks.
 
August 7th, 2007, 12:28 PM
Friend of Wrox (Join Date: Mar 2006, Posts: 310)

Why do you want to prevent web.config access?

Normally, the person in your host company who has access to your web.config file has access to your database too! He doesn't need to know your password.

The password is only needed when someone tries to access with an external connection. But the web.config file is inaccessible to external connections.

But you can put your connection string inside a code-behind (dll file).
But there are ways to decrypt dlls too!

(I think)

 
August 16th, 2007, 02:41 AM
Registered User (Join Date: Aug 2007, Posts: 2)

Hi, sorry about the delay in replying; I have been away from the office.

We are hosting the site internally on one server, with the database on a separate server. Because of this, we have created a user on the website server that can only access the database for the website, which is why we used impersonate. Please feel free to tell me if there is a better way to do this, as I am not convinced we have it right.

This is also why we want to prevent web.config access, as it has the website username and password in plain text in an identity section.

On speaking to a few people here, they are not convinced that the web.config file is completely inaccessible to external connections.

My latest idea is to try to move all passwords and connection string info into appSettings, which will encrypt it all in one go. Any ideas? I am having difficulty getting this working.

Thanks in advance for any help with this :)

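For the appSettings-encryption idea above, the following is an added example (not code from the thread or from the book's TheBeerHouse project) of protecting a deployed site's web.config sections with the built-in DPAPI provider from a small utility run on the web server; the site path is a hypothetical placeholder. It also shows the mailSettings case: the section group cannot be protected as a whole, but the smtp section beneath it can.

```csharp
using System;
using System.Configuration;
using System.Web.Configuration;

// Encrypts (or, with "-d", decrypts) selected web.config sections using the
// DataProtectionConfigurationProvider (DPAPI, machine store). The plaintext is
// no longer on disk, yet code on this server still reads the values normally
// through ConfigurationManager.AppSettings / ConnectionStrings.
class ProtectConfig
{
    // Concrete sections only: "system.net/mailSettings" is a section group and
    // cannot be protected; its "smtp" child section can.
    static readonly string[] Sections =
    {
        "appSettings",
        "connectionStrings",
        "system.net/mailSettings/smtp"
    };

    static void Main(string[] args)
    {
        // Hypothetical physical path of the deployed site.
        string sitePath = args.Length > 0 ? args[0] : @"C:\inetpub\wwwroot\TheBeerHouse";
        bool decrypt = args.Length > 1 && args[1] == "-d";

        // Map "/" to the site folder so the utility can run outside the app.
        var map = new WebConfigurationFileMap();
        map.VirtualDirectories.Add("/", new VirtualDirectoryMapping(sitePath, true));
        Configuration config = WebConfigurationManager.OpenMappedWebConfiguration(map, "/");

        foreach (string name in Sections)
        {
            ConfigurationSection section = config.GetSection(name);
            if (section == null) { Console.WriteLine("not present, skipped: " + name); continue; }

            if (decrypt && section.SectionInformation.IsProtected)
                section.SectionInformation.UnprotectSection();
            else if (!decrypt && !section.SectionInformation.IsProtected)
                section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");

            section.SectionInformation.ForceSave = true;
            Console.WriteLine((decrypt ? "decrypted: " : "protected: ") + name);
        }
        config.Save(ConfigurationSaveMode.Modified);
    }
}
```

Because the machine-store DPAPI key is bound to this server, the encrypted file must be produced on the box it will run on, and anyone who can run code as the site's account on that box can still read the values; encryption narrows exposure of a copied or leaked web.config, it does not replace the file and database ACLs.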
 
August 20th, 2007, 11:59 AM
Friend of Wrox (Join Date: Jun 2003, Posts: 917)

This is a big subject and not covered by this particular book. There is a lot of info on ASP.NET security on MSDN.

You could store any sensitive data in an encrypted XML file if you want. But you need to make sure you only decrypt it once and save a reference to it to prevent a performance problem. You could save a reference in Cache or in a static field using a Singleton class.

Or you can save sensitive data in ACL-protected registry keys. Only the web site user account would be allowed to read from those keys. You could also encrypt those keys if you are super paranoid.

If you're using Windows security on SQL Server and you are using impersonation then there is no need to store a DB username or password since DB login will be automatic. This can't be used on hosted sites, of course.

Eric