Is web.config more secure than class?

Question

Is web.config more secure than class?

I read a tutorial on ASP.NET and a third-party API, and he mentioned that the KEY and SECRET KEY APIs should be stored in the web.config file for security on production servers, and not in classes that use them, However, I'm not quite sure which is safer for the web.config file than for the class? I understand the convenience of storing it in a configuration file, but I don’t see the security benefits?

+3

security c # asp.net web-config private-key

o-logn Apr 16 '10 at 17:45

source share

4 answers

web.config.

.

http://odetocode.com/blogs/scott/archive/2006/01/08/encrypting-custom-configuration-sections.aspx

+1

Felan 16 . '10 17:49

web.config , -. , .

+1

Yuliy 16 . '10 17:50

. , , , .

. web.config ( App_Code) ( bin) ( , ).

, . web.config , , Reflector, , .

The only advantage web.config has over building an assembly is that you can encrypt sections of the web.config file, as Scott Guthrie points to his blog .

0

casperOne Apr 16 '10 at 17:50

source share

kemiller2002 · Accepted Answer · 2010-04-16T17:48:16+0000

To get started, you can quickly update the API key in the web.config file. You will have to recompile the class and redeploy the class.

web.config, asp.net 2.0

http://weblogs.asp.net/scottgu/archive/2006/01/09/434893.aspx

machine.config, , , - . Web.Configs , web.config , , .

Is web.config more secure than class?

More articles: