I have a simple sql database on an asp.net server.
This database will log temp data sent from an esp8266 programmed with arduino ide.
1- how would I go about security? Knowing that esp8266 cant handle ssl.
2- how would I stop man in middle attacks?
3- how would I stop anyone from send a fake post request to my server and populate my database?
The ESP8266 absolutely can handle SSL. In fact, the Arduino repository includes an SSL client as part of it's libraries.
Here is an example showing SSL in action to perform a basic HTTP request: https://github.com/esp8266/Arduino/blob/master/libraries/ESP8266WiFi/examples/HTTPSRequest/HTTPSRequest.ino