1

I have an ASP.NET application that i deployed to a server by copying the project to the server and then configuring IIS. What happens now is that i need to prevent the access to the code. Is there any way to do this? Do i need to deploy in a different way or is there a way to somehow "encrypt" the code thus rendering it unreadable?

Regards,

Improve this question
3
  • 2
    "prevent the access to the code" - from who? Commented Sep 23, 2011 at 8:34
  • do you mean you do not want to show the .cs files or you want to really encrypt the dlls (assemblies) so that cannot be decompiled and understood even by advanced users? Commented Sep 23, 2011 at 8:39
  • There is no problem with the reverse engineering of the dll's as there will not be advanced users with access to the server. When i say "prevent the access" i mean either the code not being present or not being readable. Commented Sep 23, 2011 at 8:44

3 Answers 3

Reset to default
4

Yes you should only publish.

inside Visual Studio, in solution explorer, right click on the web project and select publish.

this will create all you need to deploy ( pages, assemblies, resources...) but will not include the source code.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I made the publish option, but it included all my code files (.aspx and .vb). Am i doing something wrong?
yes, because it should not contain the code files, only aspx and dlls and images. try to play around with the publish options.
2

A simple way is to obfuscate the code. This doens't hide the code per se, but it makes it very difficult to read and understand.

See this wiki page for more information.

On another note, if you publish the application by using the release configuration, you'll only upload assemblies and other parts vital for the site, not the source code in readable form. Be wary though, the dll's can be reverse engineered.

Improve this answer

Comments

1

You can use an obfuscator such as dotFuscator on your assemblies.

The better obfuscators will stump most decompilers (such as Reflector), but are normally not free.

Update:

Seeing as you mean that you simply do not want code to be deployed with your application:

Publishing should be enough, so long as you don't use the app_code folder - code in this folder will be deployed as is.

Improve this answer

3 Comments

@DavidePiras - If someone has access to the DLL, they can then use Reflector to get a (close approximation) of the original code.
I know that, but I think that was not what the OP meant. Anyway in fact is not clear, added a question as comment to the original question...
@DavidePiras - Who know what he means. Perhaps he doesn't want the sys admins to be able to see the original code? Maybe he is in a shared hosting environment? The OP didn't respond to my comment.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.