Last post Jan 25, 2017 05:35 AM by Chris Zhao
Jan 23, 2017 02:30 AM|linkhero|LINK
I've been using ASP.NET Web Pages in a development environment, with the DB connection strings info stored in the web.config. Is there any recommendation about storing that info in that file, before deploying a web site?
Several sources said that in theory, the Web.Config file is note served by IIS. Is that security level enough? Any suggestion?
Jan 23, 2017 06:38 AM|HostingASPNet|LINK
You could check at
Jan 25, 2017 05:35 AM|Chris Zhao|LINK
Connection strings in configuration files are typically stored inside the <connectionStrings> element in the app.config for a Windows application, or the web.config file for an ASP.NET application. For more information on the basics of storing, retrieving
and encrypting connection strings from configuration files, see
Connection Strings and Configuration Files(Encrypting Configuration File Sections Using Protected Configuration).