Last post Sep 01, 2017 11:38 AM by markfitzme
Aug 30, 2017 08:32 AM|Raja.India|LINK
Is possible to Encrypt my file which is hsted in local IIS, so that no one can copy and decompile the aspx page..
Aug 31, 2017 07:06 AM|PatriceSc|LINK
Even from an admin user having access to this web server? You could ship a compiled application and possibly use an https://en.wikipedia.org/wiki/Obfuscation_(software) tool.
For securitu issues, it's IMO best to start fr(om what happens currently that you want to prevent, prevent that and repeat rather than to think first about the final destination you want (a bit like when driving to a not so close destination)...
Sep 01, 2017 10:04 AM|Raja.India|LINK
Thanks For Your Reply
Is Obfuscation is free for commericial use..? Will Obfuscation software compile my asp.net 2.0 C# page...
Also if page compile hope it will not decomple with any software..? coz we for us it take year and year to devlope..
Need best solution for this
Thanks in advance
Sep 01, 2017 10:50 AM|PatriceSc|LINK
Which version of VS do you use? It usually ships with a free version and you have a paid version with extra features. To be on the safe side, your app is installed on 3rd party servers ? A regular client side user doesn't have access to your compiled code.
Also it might be easier for someone to create its own copy rather than start from decompiled code.
In short I would obsfucate code if I have to ship something to a 3rd party that solves problem using some unique, efficient and complex algorithm and wouln't bother if it support a common task such as invoicing etc...
Edit: see perhaps
Sep 01, 2017 11:38 AM|markfitzme|LINK
All .Net code can be decompiled. Even non-.Net code can be decompiled. You don't encrypt a page, you encrypt the DLL. If you are using a website project that is not pre-compiled and requires you to deploy the .cs codefiles then no, this won't work.
Also, .Net 2.0 has not been supported for more than a year by Microsoft so finding vendors that have tools that support it are getting smaller. The last version of that framework to be supported is .Net 3.5 SP1, which will go out of support in 2020.
As PatriceSc said, if you aren't doing something really unique, or have very particular and sensitive business logic being used, attempting to obfuscate the code isn't really worth it.