Encode information in web. config

We all know that web. config can save the connection string, which is also done in the program, web. config is XML, so it has a clear structure, so we can easily understand it, but this also has a problem. Our database is completely exposed to the person who browses the file, this is what we don't want. We can use a simple and effective encryption algorithm to encrypt the connection characters, so that those who directly browse the file cannot see the information clearly.
We generally Save the connection string in the following form:
<Deleetask>
<Add key = "ConnectionString" value = "server = localhost; database = test; pwd = sa; uid = sa;"/>
</AppSettings>
For ourselves to understand these encrypted characters, we need an additional program to generate these encrypted data (this additional program can be very complicated, but to illustrate the problem, we use a simple base64 encoded data, which is not encrypted, but the principle is the same ). We create a WinForm project specifically used to generate base64 conversion from plaintext to ciphertext. If other encryption algorithms are used, we can replace this encryption process. The code in the conversion button is as follows:
Private void button#click (object sender, System. EventArgs e ){
Byte [] data = System. Text. ASCIIEncoding. ASCII. GetBytes (this. textBox1.Text );
String str = Convert. ToBase64String (data );
This. textBox2.Text = str;
}
TextBox2 contains the characters after the code is changed. We can. connection characters in config ("server = localhost; database = test; pwd = sa; uid = sa ;") put it in this program to generate a new string ).
Then we use this character to replace the unencoded string. As follows:
<Deleetask>
<Add key = "ConnectionString" value = "c2VydmVyPWxvY2FsaG9zdDtkYXRhYmFzZT10ZXN0O3B3ZD1zYTt1aWQ9c2E7"/>