When developing web applications it is necessary to use web.config file. However normally iis is not publishing config files there can be some situations that needs higher security of web.config file.

I'd like to talk about how to encrypt the content of web.config file in this kind of situation.

First you must open Visual Studio Command Prompt or browse to directory C:\Windows\Microsoft.NET\Framework\V.2.0.50727 from Windows Command Prompt. To encrypt web.config we will use aspnet_regiis command.

Now lets look at how to use this command.

aspnet_regiis.exe -pef "Section To Encrypt In Web.Config" "Psyical path of web.config file" - prov "DataProtectionConfigurationProvider"

For example :

aspnet_regiis.exe -pef "connectionStrings" "c:\MyWebApplication" - prov "DataProtectionConfigurationProvider"

After executing this command you will see the section you described as encrypted. But your application will not have any problems while accessing to values in web.config.
Another important point is that the web.config is encrypted at machine level. That means that if you move to application to another computer, it will not work because of the machine keys.

If you want to decrypt a web.config file using -pdf parameter will be enough.