One of the security concerns when implementing a DotNetNuke framework portal is the lack of support for encrypting the configuration settings within the web.config file.  This is not a major concern if you are hosting the site within your own server as you can control who has access to the file system.  But it may be a concern if you are implementing your portal on a public server.

Shancer Software has created a solution that has the following features:

• Integrates into your DotNetNuke portal as a host module.
• Creates it's own host tab for security.
• Easily encrypts and decrypts your connectionstrings, app settings and smtp settings.
• Module is compatible with DNN 4.5 and higher
• Uses built-in ASP.NET functionality for encryption

How the module works

1. Install the module as you would a regular module.
2. Once installation is complete go to the host menu.
3. There will be a Encrypt Web.config menu item.
4. On the new page the module will allow you to see the current web.config and allow you to choose which sections of the config file to encrypt.