Some developers asked me how can we encrypt web.config programmatically, so here it is:

Default.aspx

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:Button ID="Button2" runat="server" Text="Button" />
        <asp:Button ID="Button1" runat="server" Text="Button" />
   
    </div>
    </form>
</body>
</html>

default.aspx.vb

Imports System
Imports System.Configuration

Partial Class _Default
    Inherits System.Web.UI.Page

    Protected Sub Button2_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button2.Click

        Dim config As Configuration = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath)

        ' Define the Dpapi provider name.
        Dim provider As String = _
            "DataProtectionConfigurationProvider"

        ' Get the section to protect.
        Dim connStrings As ConfigurationSection = _
                config.ConnectionStrings

        If Not (connStrings Is Nothing) Then
            If Not connStrings.SectionInformation.IsProtected Then
                If Not connStrings.ElementInformation.IsLocked Then
                    ' Protect the section.

                    connStrings.SectionInformation.ProtectSection(provider)
                    connStrings.SectionInformation.ForceSave = True
                    config.Save(System.Configuration.ConfigurationSaveMode.Modified)
                End If
            End If
        End If
    End Sub 'ProtectConfiguration


    Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim config As Configuration = System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath)

        ' Get the section to unprotect.
        Dim connStrings As ConfigurationSection = _
        config.ConnectionStrings

        If Not (connStrings Is Nothing) Then
            If connStrings.SectionInformation.IsProtected Then
                If Not connStrings.ElementInformation.IsLocked Then
                    ' Unprotect the section.
                    connStrings.SectionInformation.UnprotectSection()

                    connStrings.SectionInformation.ForceSave = True
                    config.Save(ConfigurationSaveMode.Full)
                End If
            End If
        End If
    End Sub
End Class

web.config

<?xml version="1.0"?>

<configuration>
 <appSettings/>
  <connectionStrings>
    <clear />
    <add name="LocalSqlServer" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true"
      providerName="System.Data.SqlClient" />
    <add name="NorthWindConnection" connectionString="data source=.\SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|Northwind.mdf;User Instance=true"
      providerName="" />
  </connectionStrings>
 <system.web>

  <compilation debug="true" strict="false" explicit="true"/>
  <pages>
   <namespaces>
    <clear/>
    <add namespace="System"/>
    <add namespace="System.Collections"/>
    <add namespace="System.Collections.Specialized"/>
    <add namespace="System.Configuration"/>
    <add namespace="System.Text"/>
    <add namespace="System.Text.RegularExpressions"/>
    <add namespace="System.Web"/>
    <add namespace="System.Web.Caching"/>
    <add namespace="System.Web.SessionState"/>
    <add namespace="System.Web.Security"/>
    <add namespace="System.Web.Profile"/>
    <add namespace="System.Web.UI"/>
    <add namespace="System.Web.UI.WebControls"/>
    <add namespace="System.Web.UI.WebControls.WebParts"/>
    <add namespace="System.Web.UI.HtmlControls"/>
   </namespaces>
  </pages>

  <authentication mode="Windows"/>

 </system.web>
</configuration>

just press the  buttons to test it (one to encrypt other to decrypt) [:D]

<appSettings/>
  <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
    <EncryptedData>
      <CipherData>
        <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAddtg1zeqNUK4binPq005DAQAAAACAAAAAAADZgAAqAAAA BAAAADZvsO+TyVfNn2TLlWYMnAYAAAAAASAAACgAAAAEAAAANC2butYaa+GpV5xUVrULs6I AwAA+2u+8jh7YrzhkjRaccm5SxhzlBf3a2cU/XxnjMU0J07sSqc8PNFkYcJxT6qQQn1E/ncc3pqdWLdTk EuXJzYTYN8AT6ceDd3iaVtqZozIO4d+pJCf9kc9GGrN2VtZTCqWHUfnq0Pn+zNcfAdX9P5vj93SZXOE4QMeUNiEUZxNg2nm1HRYsrXUkGCHRKwFXS OLqTw3WcW8KfzHayENeHv2N3Hl5qxdUh9H/3ij41tPXhMOyF9qGy7bj6QYdwsgMkA6ymxAcLAFq46h5U97c+/wipj1SzaA9k6wj5FTwgzb8Gwix9u5sBbO6EBu6ckB 05CdgvIU6inr8HbLML/35MJyKsRFAh3+/MWUW3cGW+LJDRmmYoKPQ3O7vp9CYT9dxciTAVLirgSqHPCMHlIHBzRk77hwWire6m8SHloOCgWtu3tLI5mDUvzTxxYlTtc4IIMRk/ii zb46DrZdhD3eC3Zh5uipSvNRDFurkA9lFrm80kIOC4vWiTEMGso6TRh2Oe3oT1LZfgyzVCoYxTo3cM3fwi3o0TQjfprlCSlOW0pQSjdnOAzoQiyD/MAMEOqCz2eGFfdkP8Cs9vVjuTqgvK Eg1Um7K1m5EsRfgif80RiN0UZPnvNixSbhghEMi8qJYdymhZDy3aYdGvCLUVf4GLbg2vDh730vVHrXy1BgYYo/teygl2HhnaJN/hJ7+C5kssZ9FU+rMPabZh8RetH24yrRoAS7hiKWLbJxE mGeNkEioO3GpF8vvoY5/Tr6fUkrDdIN2fJ/zu0JhoTp/g4JfVu6D2iiSypqx//E8jkZT7AY8Tm70xVCarXXfUKYDCVOmplGgHvy6Qv2AvM8x3RgrHJUQ9B/H4yM06FMcr7tOGp5YiINP2wtRKd2 lnZzyeTg+frM3eG4IRvlgDFgqBfMC0NNGfYsbKnTLgaXrhim8RDPzP17505TntYBQq2FcTY+LysaYIlLY+1KooI/Q4dllAoTN7pLdOowXg2rH1Pd7Gj7s7aciai0zdzxvV59XGFQMVkslwvraD6P+p kdOER4SYRPcykyu11f/C0yYcBIdXDGXr8t1HQkGmS+YMnJwATIgiJbOcMJfW4Ngck34mXK+MN68cfPNyJHb3OJP11S3qe8nuJLkX6JvoaWaopph1TSWj7hdUBgR/lK1uj/bPS+DPVLvNkkTldnpCSFAY7 dSR+MXZ45bn37P0jZ7hQAAABwFHKIPriDgG/iBLGoHlxv5ZB2AQ== </CipherValue>
      </CipherData>
    </EncryptedData>
  </connectionStrings>
 <system.web>

i hope you think this is usefull.