堆栈内存溢出
  简体   繁体   English

新手尝试部署Asp.Net网站

[英]Newbie Trying To Deploy Asp.Net Website

 原文  2010-09-06 23:31:39       asp.net/ security/ visual-studio-2010/ web/ publish

问题描述

I'm basically wondering what the best way to deploy an Asp.Net Web Site is, mostly from the point of view of security. 我基本上是想知道部署Asp.Net网站的最佳方法是什么,主要是从安全性的角度来看。 Right now, I'm trying to publish the website using Visual Studio 2010. Could someone direct me to a good tutorial on how to do this securely? 现在,我正在尝试使用Visual Studio 2010发布网站。有人可以指导我找到有关如何安全地执行此操作的优秀教程吗? For example, can it be done over an encrypted connection via Visual Studio? 例如,是否可以通过Visual Studio通过加密连接来完成? Is it necessary to install any software on the server to do this? 为此,是否需要在服务器上安装任何软件? Should I use a different program to open up an SSL (TLS) connection first, and if so, which program (does it come standard with windows)? 我是否应该先使用其他程序打开SSL(TLS)连接,如果是,则使用哪个程序(Windows标配)?

The server is running Windows Server 2008. Development is on Vista. 该服务器运行Windows Server2008。开发在Vista上进行。

Many thanks in advance for any direction in this matter! 非常感谢您对此事的任何指示!

Andrew 安德鲁

3 个解决方案

解决方案1
 1  2010-09-06 23:38:40

I would publish the site to your local machine and file copy the files across to your test/production environment. 我会将站点发布到本地计算机,然后将文件复制到测试/生产环境中。 As a rule we don't publish sites straight from VS to test or production. 通常,我们不会从VS直接发布网站进行测试或生产。

For example you don't want to accidentally push things straight from dev into a live environment do you? 例如,您不想意外地将事情从开发者直接带入现场环境吗?

As far as the file transfer security goes you could use SFTP. 就文件传输安全而言,您可以使用SFTP。

解决方案2
 0 已采纳  2010-09-06 23:39:41

Note : First thing is to check with the owner of the server, as they often will provide you an FTP connection and will take care of configuring IIS. 注意 :第一件事是与服务器所有者联系,因为它们通常会为您提供FTP连接,并会配置IIS。

If you want to add security, make a keyfile and sign your assemblies and consider running Dotfuscator on your dlls, the community edition is included in Visual Studio. 如果要增加安全性,制作密钥文件并签名程序集,并考虑在dll上运行Dotfuscator,则Visual Studio中包含社区版。 Here is an earlier question where I've put more info on Dotfuscator . 这是一个较早的问题,我在其中添加了有关Dotfuscator的更多信息。

If you have to do the deployment yourself, here's a few things to consider. 如果您必须自己进行部署,请考虑以下几点。

  • XCopy (easy) XCopy (简单)
  • MSI (have to create a setup program, you can do this easily in Visual Studio) MSI (必须创建安装程序,您可以在Visual Studio中轻松完成此操作)

There is no security advantage in deploying using Visual Studio, but you can use Visual Studio to create a small setup program. 使用Visual Studio进行部署没有安全优势,但是您可以使用Visual Studio创建一个小的安装程序。 One thing you want to make sure for security is DO NOT deploy any .cs files. 您要确保安全的一件事就是不要部署任何.cs文件。 Prepare your files, you should compile in Release mode, make sure debug is not enabled in your config file, keep your bin and it's dll, also the aspx, asmx, ascx, svc, css, js, and config files. 准备文件,您应该在发布模式下进行编译,确保未在配置文件中启用调试,保留bin及其dll,以及aspx,asmx,ascx,svc,css,js和config文件。

  • XCopy : Install a small FTP server, or use one your company alreayd has, this will allow you to get your files once you are logged into the target machine. XCopy :安装一台小型FTP服务器,或使用您的公司提供的FTP服务器,这将使您在登录到目标计算机后即可获取文件。 You should be able to get an administrator account for the target machine, just ask the sysadmin of the domain, then log on using remote desktop, got to your ftp site, and download your files. 您应该能够获得目标计算机的管理员帐户,只需询问域的sysadmin,然后使用远程桌面登录,进入ftp站点并下载文件即可。 Open IIS on the target machine, create a virtual directory and a pool. 在目标计算机上打开IIS,创建一个虚拟目录和一个池。 Copy your files to the location, configure your connection string to your DB if you use one, then test your website. 将文件复制到该位置,如果使用连接字符串,则将连接字符串配置到数据库,然后测试您的网站。
  • MSI : same process as above, except the setup will create the virtual directory and pool for you. MSI :与上述过程相同,不同之处在于安装程序将为您创建虚拟目录和池。

Here is extra info on best practices from the official ASP.Net website . 这是来自ASP.Net官方网站的有关最佳做法的更多信息。

解决方案3
 0  2010-09-19 13:34:53

If you have some control on the server (eg to configure IIS7), you might want to look into Microsoft Web Deploy (new product just been released): 如果您对服务器具有某些控制权(例如,配置IIS7),则可能需要研究Microsoft Web Deploy(刚刚发布的新产品):

http://weblogs.asp.net/scottgu/archive/2010/09/13/automating-deployment-with-microsoft-web-deploy.aspx http://weblogs.asp.net/scottgu/archive/2010/09/13/automating-deployment-with-microsoft-web-deploy.aspx

Haven't tried it myself, but looks quite slick and it apparently encrypts the data being copied up, so might suit you. 我自己还没有尝试过,但是看起来很漂亮,而且显然可以加密要复制的数据,因此可能适合您。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Web部署后ASP.NET没有网站 - ASP.NET no website after web deploy ASP.NET,部署网站的步骤 - ASP.NET, steps to deploy a website 如何从Asp.Net网站进行部署 - How To Deploy From An Asp.Net Website 将ASP.NET MVC网站部署到IIS 8 - Deploy asp.net mvc website to iis 8 如何部署/发布ASP.NET网站? - How to Deploy/Publish an ASP.NET website? 主办 <wrong host> 不允许连接到此MySQL服务器以尝试部署IIS ASP.NET网站 - Host <wrong host> not allowed to connect to this MySQL server trying to deploy IIS ASP.NET website 使用Visual Studio 2012部署ASP.NET网站(.NET 2) - Deploy ASP.NET Website (.NET 2) using Visual Studio 2012 与ASP.NET MVC网站一起部署ASP.NET网站 - Deploy ASP.NET website alongside ASP.NET MVC website 在Azure云服务上部署ASP.NET网站 - Deploy an ASP.NET WebSite on an Azure Cloud Service 如何使用Linq to Sql组件部署ASP.NET网站 - How to deploy an ASP.NET website with a Linq to Sql component
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM