Web.config machinekey trap - Is there a Machine Key in use concept?

Question

Im concerned an IIS admin user might accidentally press generate key causing the machine key in web.config to be overwritten. Are people not so concerned, because you just get it from a back up ? Or does everyone have solid admin processes or good admins dont do that?

I was on a dev Machine in IIS and just pressed the button on the WRONG site. Test users hosed until machine key restored from backup..

Im now wondering if I should have a customer web.config attribute ?

What is good management practice here? Any other words of wisdom? Other than im an IIS admin Donk. Is there some normal way of indicating key in use, cant be/ dont regenerate ?

Answer 1

As far as I know - no. After a bit of research still no.

When dealing with multiple machine keys, a good practice would be to keep them all manually generated in a shared admin resource (spreadsheet, txt doc, etc). In case something goes wrong, restore it from there. As an admin it's your responsibility to keep the keys for certain applications in order if you use these.

Don't worry, mistakes happen. Databases get locked, IIS servers crash etc. All of us admins/developers are still capable of human errors that can't be auto-corrected by tools and features. This is yet just one of them.

Of course the not-so-easy way would be to build your own tool (console/gui) that performs certain validations and use only that to manipulate the keys.