Security of My Intranet Project

Asked

Viewed 87 times

1

I have a commercial intranet project, but how to validate so that this project is not copied from the root folder, where the IIS runs? Because so if my client has a knowledge he could easily copy my system play on the USB stick and resell it, I’m sure? What kind of security should I use for intranet projects?

2 answers

2


First your IIS directory needs to be configured to be accessed only with your user profile ... And from the moment you give a "Publish" in the application, the code is compiled and different files are generated, which does not allow editing. But if he has access to your IIS root folder I see no way to prevent him from copying and pasting the application to publish to another IIS.

  • I believe that doing as you said about making the directory only accessible to my user, will be of great help!

  • 1

    IIS also allows the user to prevent some files from being accessible by URL, so if there is something important in some file. xml with passwords or something like that can block access to that file through IIS.

1

Your project has permanent internet connection?
If you do, you can validate the execution of the application on your server. For example, validate a "secret-key" that will be in the code of your application against an IP or a hostname that will be set on your server.

Updating:
If you don’t have access to the Internet, you can validate it in the code itself, for example to check whether the hostname that executes it is the only one that is authorised.

Update (2):
Can use:

System.Net.Dns.GetHostName
ou
Environment.MachineName

And check that this matches the name of the machine that is authorized to run the application.

  • Could you explain in more detail the case of not having access to internet?

  • 1

    I updated the answer to answer your question.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.