Encrypting Particular Section in a Web.config

This is to share about Encrypting any particular section in a web.config file.

Normally, we are to store our global variables, connectionstrings and static variables in web.config. But they are easily exposed in order to make it secure you can encrypt any particular section you want. Kindly find the below snippet and share your thoughts

Encrypting appsettings section in a config file in .NET 2.0

private void EncryptWebSections()
Configuration myConfig = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
AppSettingsSection objSection=
if (!objSection.SectionInformation.IsProtected)
objSection.SectionInformation.ForceSave = true;

In 2.0 we dont need to decrypt the section at the runtime. Microsoft Framework 2.0 will decrypt the section in built.

In order to decrypt, replace the objSection.SectionInformation.ProtectSection with objSection.SectionInformation.UnProtectSection(
and your section will get decrypt and get saved.

Prakash A


No responses found. Be the first to comment...

  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name: