System and methods for protecting sensitive data stored in a text-based configuration file. In a web server application, data associated with sensitive information such as connection information for a remote database may be stored within a configuration file and accessed whenever a request for information from that database is received. To prevent unwanted access to remote database, the portion of the configuration file with sensitive information is encrypted. A decryption provider selected by the requesting server or client application decrypts the sensitive data using the decryption key, retrieves protected data from the remote database, and the configuration server provides a response based on the sensitive data protecting access to the remote database. The encryption/decryption process is transparent to the web server application consuming the configuration.