I am developing an asp.net mvc 2 web application. My clients are likely to want a copy of my application to be hosted on my server, instead of hosting it on my server for all clients.
However, I see a problem with this because I planned to use the .net 2.0 cipher to encrypt my web.config to make it more secure. I need to think carefully that I will only give them my .dll and views, etc. They are not going to receive information about my file so that they can download it and see what happens.
So, what happens if I encrypt the web.config file and suddenly the database connection string changes? Let it be a change of address or change of username / password.
How would they change it if it is encrypted? Will this mean that I will have to rebuild my site and send them a new copy with the changes? Or is this their other way?
If there is no other way, it seems to me that I should? What happens if something happens, and for some reason I can’t get new changes to them until 48 hours later. This means that they cannot use the service for 48 hours.
I have no problems with support, but when he begins to come to the little things that they probably will have to control, in the first place, they probably should.
I would prefer it to be encrypted, but at the same time, if I have to make all the changes to web.config, this is not good either. Since it can open various security problems, because they must somehow make changes to me.