secure connection to the server mysql - C #

Question

I have questions about a secure connection to the database. I made a connection with MySql database using app.config file in which I put the data server, database, and user password. The so-called connectionString. Is it safe?

Please help and have any tips or any good material.

Example code:

<connectionStrings>
    <add
        name="MyDBConnectionString"
        connectionString="NameServer.info; User Id=NameUser; Persist Security Info=True; database=DatabaseName; password=Pass"
        providerName="MySql.Data.MySqlClient"
    />
</connectionStrings>

Answer 1

You should encrypt your Connection Strings stored in configuration file.

Use aspnet_regiis.exe found in: Start –> Visual Studio –> Visual Studio Tools –> Visual Studio Command Prompt

Run this command:

aspnet_regiis –pef connectionStrings c:\PathToWebSite

If the above command does not work try

aspnet_regiis -pe connectionStrings -app "/" -site n

where n is the site ID of website as reported in IIS.

Now if your Connection String section will be encrypted:

<connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
   xmlns="http://www.w3.org/2001/04/xmlenc#">
   <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
   <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
     <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
     <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <KeyName>Rsa Key</KeyName>
     </KeyInfo>
     <CipherData>
      <CipherValue>Bf677iFrUFW ... +4n4ZZKXCTUAu2Y=</CipherValue>
     </CipherData>
    </EncryptedKey>
   </KeyInfo>
   <CipherData>
    <CipherValue>UDEZ ...QfXUmM5rQ==</CipherValue>
   </CipherData>
  </EncryptedData>
 </connectionStrings>

For more Information:

• Link
• Link
• Link
• Link
• Link
• Link