Installed in the client's file, there are web. Config, the open, see is essentially a user name and password, how to avoid the customer see?

CodePudding user response:

Encryption and decryption process, whether in an open encryption "switch"

CodePudding user response:

The config users can't see, unless the server is compromised

CodePudding user response:

refer to the second floor of autumn red fruit response:

config users see, unless the server is compromised

program on users of the company's computer

CodePudding user response:

To build the API, to avoid the client direct access to the database

CodePudding user response:

If it is a web application, IIS is forbidden access config files, to a certain extent can protect, or as said the second floor, after store encrypted string in the config, when need to use in the program,

CodePudding user response:

refer to RGN reply: 3/f

Quote: refer to the second floor in the autumn red fruit reply:

Config user can't see, unless the server is compromised

program in user computer

server generally on the cabinet, to lock, is not literally who can go in, in addition, the operating system is also encrypted; If otherwise, the somebody else get your program, decompiled, your encryption algorithm and key parade

By the way, as if the.net Core, after the release, the string is automatically encrypted

CodePudding user response:

Just a matter of direct encryption, code decryption

CodePudding user response:

What if able to access the server, there is no secret, DLL decompiling, annotations are some, encryption, algorithm, key. No secret about
Just don't want access to the server, open the config can see the DB password, you can write the code, just add a secret. If you want to see, but also decompiling.
Also can be written as 2 into the ciphertext, somewhere on the server, let a person can't find, so need analysis to find decompiled code.
However, no one would be so boring, if does not involve interests

CodePudding user response:

Encryption does not explain