Reputation: 2341
Maybe I am understanding it all wrong, but as I understood it, the best way to protect your connection string is through encrypting it. Now I've got these questions.
Question 1:
Will encryption work in a shared hosting environment?
Question 2:
If I have an FTP service, can any user upload an ASPX file and retrieve the connection string through the configuration manager namespace?
Upvotes: 3
Views: 1614
Reputation: 6713
1: I can't see why not.
2: Potentially, although you should be taking measures to prevent this. I find the best approach is to use Windows authentication and set the identity of the app pool to use a dedicated, locked-down Windows account in IIS. This way your connection string will never contain a password.
Upvotes: 5
Reputation: 907
Not an answer to your 2 questions, but: the best method for protecting a connection string is not having a connection that requires a password in the connection string. NTLM or similar is much more secure. Other than that, if users have access to FTP, encryption is so-called security by obscurity, which can be easily reversed.
Upvotes: 1
Reputation: 41670
Question 1:
What are you protecting your connection string against?
If it's against hackers and such, if web.config is available to them, your system has already been compromised and nothing you can do will help you.
If it's against casual observers (i.e. the coders), even something as simple as base64 encoding will help.
Question 2:
You shouldn't allow your users to upload files to a directory where aspx files can be executed - that way the users can do anything they want.
Upvotes: 5