Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
maybe i am understanding it all wrong but as i understood the best way to protect your connection string is through encrypting it, now i got these questions.
Question 1:
will encryption work in shared hosting environment ?
Question 2:
if i have an FTP service can any user upload an ASPX file and retrieve the connection string through configuration manager namespace ?
Question 1:
What are you protecting your connection string against?
If it’s against hackers and such, if
web.configis available for them, your system has already been compromised and nothing you can do will help you.If it’s against casual observers (i.e. the coders), even something simple as base64 encoding will help.
Question 2:
You shouldn’t allow your users to upload files to a directory where aspx files can be executed – that way the users can do anything they want.