S*e
2 楼
做个网站
数据库,管理员密码啥的都放在了web.config里面
web.config在跟目录下,没有任何权限设置
这个安全吗?
数据库,管理员密码啥的都放在了web.config里面
web.config在跟目录下,没有任何权限设置
这个安全吗?
l*g
10 楼
为什么不用ASP.NET自动生成的用户名和密码管理?
s*o
12 楼
The content of the web.config won't be disclosed to anyone through your web
site, unless you tweak IIS explicitly. So, it's safe from those web users.
On the other hand, anyone who has a valid account on that server, and if the
ACL allows, is able to read your web.config content. To add protection to
this level, you can encrypt those sensitive information.
site, unless you tweak IIS explicitly. So, it's safe from those web users.
On the other hand, anyone who has a valid account on that server, and if the
ACL allows, is able to read your web.config content. To add protection to
this level, you can encrypt those sensitive information.
k*n
16 楼
如果别人能看到你webconfig。。。那就不是.net的问题了。。
S*8
17 楼
用 membership provider呀
d*m
18 楼
You can run aspnet_regiis.exe and pass the sections you want to encrypt.(
user user Store so that others who login the same server cannot decrypt it )
Note you don't need to write code to decrypt them, as asp.net does
http://msdn.microsoft.com/en-us/library/ff647398.aspx
【在 S****e 的大作中提到】
: 做个网站
: 数据库,管理员密码啥的都放在了web.config里面
: web.config在跟目录下,没有任何权限设置
: 这个安全吗?
user user Store so that others who login the same server cannot decrypt it )
Note you don't need to write code to decrypt them, as asp.net does
http://msdn.microsoft.com/en-us/library/ff647398.aspx
【在 S****e 的大作中提到】
: 做个网站
: 数据库,管理员密码啥的都放在了web.config里面
: web.config在跟目录下,没有任何权限设置
: 这个安全吗?
H*g
19 楼
顶楼上的。那个加密方式是SHA1吧
相关阅读
asp.net里,每个user加一個用戶头像,头像存在哪个表里?Junior DotNet Developer for Dallas Texasazure一问VB.net 的小问题菜鸟提问:WinForm被什么淘汰了?nyc big bank c#/wpf openingADA Compliance / Web Accessibility Evaluation Tool Recommen (转载)请问如何将C#+.net的程序移植到linux上基于SharePoint site的文件处理XBAP有人用过吗?两周拿OCPJPWPF还会出新版本吗?求网络项目 (转载)error .mdf file unable to attach in Visual Studio 2013 win (转载)mvc还是mvp ,哪个好?选择哪种 application form (转载)我承认,我惊呆了Announcing ASP.NET Core 1.0招个马工征婚女征男