Is encrypting the web.config file really necessary?

If you are new to web.config encryption then you may be asking yourselves these questions. Why encrypt the web.config file? If someone gets access to your server there is not point if the web.config file being encrypted.

That is not entirely true. Depending on what type of access they have to the server makes a huge difference. Worst case scenario the hacker gets Admin access to your server. In that case if the web.config is encrypted using the server’s machine key it can be easily decrypted. If lesser access is granted then the hacker will only be able to see the encrypted web.config, saving your passwords and connectionstrings from falling into the wrong hands, will can lead to greater harm.

There are simple changes that can be made to make your encryption more secure. If you set the useMachineProtection value to true while setting your DpapiProtectedConfigurationProvider, whoever has access can encrypt/decrypt the web.config file on the machine. Otherwise if useMachineProtection is set to false then to encrypt/decrypt you need access to the user account.

By default useMachineProtection is set to true, not really sure why, since that is the less secure option.

Bookmark and Share

Leave a Reply

Your email address will not be published. Required fields are marked *