Home/ Questions/Q 6004781
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T01:18:40+00:00

anyone from MS or some MS MVP? Any improvements for encrypting specific custom section

  • 0

anyone from MS or some MS MVP? Any improvements for encrypting specific custom section in web.config besides using hack like in Using ASPNet_Regiis to encrypt custom configuration section – can you do it?

Danger of being hacked is very high these days, so be able encrypt config is something which can certainly help improve security.

Anyone info, update welcome.

Thanks, X.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’ve faced this problem myself today and really struggled to get anywhere with the command line tool aspnet_regiis.exe

    I think my main problem is that I had built myself a custom section group, not just a section so the command line tool didn’t really want to play ball.

    Instead I wrote a webpage with access restricted to myself with code similar to the following

    Private Sub Encrypt()
    Dim cfg As Configuration = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath)
    Dim grp As ConfigurationSectionGroup = cfg.GetSectionGroup("MySectionGroup")
    Dim sect As ConfigurationSection
    For r As Integer = 0 To grp.Sections.Count - 1
        sect = grp.Sections(r)
        If Not sect.SectionInformation.IsProtected Then
            sect.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider")
        End If
    Next
    cfg.Save()
End Sub

    Hope this helps or at least points you in the right direction 🙂 Decrypting is basically the opposite of above (.UnprotectSection)

    • 0