Server-side ASP.NET Protection
Shield provides robust protection for ASP.NET server-side applications, securing your .NET assemblies and business logic against reverse engineering and tampering.
Recommended Protections
For ASP.NET server-side applications, we recommend the following protections for the best balance of security and compatibility:
| Protection | Recommendation | Notes |
|---|---|---|
| Renamer | ✓ Essential | Use rename_public: false to maintain API surface |
| Control Flow | ✓ Recommended | Secures critical business logic |
| Virtualization | ✓ Recommended | For highly sensitive code |
| Anti-Debug | ✓ Recommended | Prevents unauthorized debugging |
| Constants Encryption | ✓ Recommended | Secures sensitive values and strings |
| Constants Mutation | ✓ Recommended | Adds additional security to constant values |
Best Practices
- Protect all critical assemblies: Apply Shield to every DLL/EXE containing business logic
- Set
rename_public: false: To avoid breaking public APIs and routing - Test thoroughly: Validate your application after protection, especially for reflection-heavy code
- Use selective protection: Apply advanced protections only to sensitive code
- Monitor performance: Most protections have minimal impact, but always test
Shield automatically adapts its protections to ASP.NET server-side environments. No special configuration is needed for standard scenarios.
Compatibility
Shield supports all modern ASP.NET Framework and ASP.NET Core versions. Protected assemblies are compatible with:
- Windows and Linux deployments
- Azure App Service, AWS, and other cloud providers
- All major .NET runtimes (including .NET 6/7/8)
Shield automatically adapts protections to your project type and deployment environment.
For client-side protection, see JavaScript Protection.