[英]Newbie Trying To Deploy Asp.Net Website
I'm basically wondering what the best way to deploy an Asp.Net Web Site is, mostly from the point of view of security. 我基本上是想知道部署Asp.Net网站的最佳方法是什么,主要是从安全性的角度来看。 Right now, I'm trying to publish the website using Visual Studio 2010. Could someone direct me to a good tutorial on how to do this securely? 现在,我正在尝试使用Visual Studio 2010发布网站。有人可以指导我找到有关如何安全地执行此操作的优秀教程吗? For example, can it be done over an encrypted connection via Visual Studio? 例如,是否可以通过Visual Studio通过加密连接来完成? Is it necessary to install any software on the server to do this? 为此,是否需要在服务器上安装任何软件? Should I use a different program to open up an SSL (TLS) connection first, and if so, which program (does it come standard with windows)? 我是否应该先使用其他程序打开SSL(TLS)连接,如果是,则使用哪个程序(Windows标配)?
The server is running Windows Server 2008. Development is on Vista. 该服务器运行Windows Server2008。开发在Vista上进行。
Many thanks in advance for any direction in this matter! 非常感谢您对此事的任何指示!
Andrew 安德鲁
I would publish the site to your local machine and file copy the files across to your test/production environment. 我会将站点发布到本地计算机,然后将文件复制到测试/生产环境中。 As a rule we don't publish sites straight from VS to test or production. 通常,我们不会从VS直接发布网站进行测试或生产。
For example you don't want to accidentally push things straight from dev into a live environment do you? 例如,您不想意外地将事情从开发者直接带入现场环境吗?
As far as the file transfer security goes you could use SFTP. 就文件传输安全而言,您可以使用SFTP。
Note : First thing is to check with the owner of the server, as they often will provide you an FTP connection and will take care of configuring IIS. 注意 :第一件事是与服务器所有者联系,因为它们通常会为您提供FTP连接,并会配置IIS。
If you want to add security, make a keyfile and sign your assemblies and consider running Dotfuscator on your dlls, the community edition is included in Visual Studio. 如果要增加安全性,制作密钥文件并签名程序集,并考虑在dll上运行Dotfuscator,则Visual Studio中包含社区版。 Here is an earlier question where I've put more info on Dotfuscator . 这是一个较早的问题,我在其中添加了有关Dotfuscator的更多信息。
If you have to do the deployment yourself, here's a few things to consider. 如果您必须自己进行部署,请考虑以下几点。
There is no security advantage in deploying using Visual Studio, but you can use Visual Studio to create a small setup program. 使用Visual Studio进行部署没有安全优势,但是您可以使用Visual Studio创建一个小的安装程序。 One thing you want to make sure for security is DO NOT deploy any .cs files. 您要确保安全的一件事就是不要部署任何.cs文件。 Prepare your files, you should compile in Release mode, make sure debug is not enabled in your config file, keep your bin and it's dll, also the aspx, asmx, ascx, svc, css, js, and config files. 准备文件,您应该在发布模式下进行编译,确保未在配置文件中启用调试,保留bin及其dll,以及aspx,asmx,ascx,svc,css,js和config文件。
Here is extra info on best practices from the official ASP.Net website . 这是来自ASP.Net官方网站的有关最佳做法的更多信息。
If you have some control on the server (eg to configure IIS7), you might want to look into Microsoft Web Deploy (new product just been released): 如果您对服务器具有某些控制权(例如,配置IIS7),则可能需要研究Microsoft Web Deploy(刚刚发布的新产品):
http://weblogs.asp.net/scottgu/archive/2010/09/13/automating-deployment-with-microsoft-web-deploy.aspx http://weblogs.asp.net/scottgu/archive/2010/09/13/automating-deployment-with-microsoft-web-deploy.aspx
Haven't tried it myself, but looks quite slick and it apparently encrypts the data being copied up, so might suit you. 我自己还没有尝试过,但是看起来很漂亮,而且显然可以加密要复制的数据,因此可能适合您。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.