Hi,
My application is on the shared Hosting.I've encrypted my Connection String programmatically to make it secure. However, the hacker still is able to decrypt the encrpted Connection String adding scripts into the DB.
Just wondering if there is a way to solve this problem? Many thanks !!!
emily-bcot
0
Newbie Poster
Recommended Answers
Jump to PostI Think It Is Good Idea to Put Your Connection String As Parameter on Web.config File. Another Solution is to Hide The Details of your Connection Using DSN.
All 3 Replies
Hatem Salem
0
Newbie Poster
I Think It Is Good Idea to Put Your Connection String As Parameter on Web.config File. Another Solution is to Hide The Details of your Connection Using DSN.
Fortinbra
37
Posting Whiz in Training
If you put your connection string in your web.config, you can use the obfuscater to encrypt your entire file, and also you want to surround and data entry points with code that checks against database code. So that they can't type a select statement into a search box and gain more info than they should.
kvprajapati
1,826
Posting Genius
Team Colleague
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.