Solved

Website web.config Performance Optimization

Posted on 2004-08-25
2
1,680 Views
Last Modified: 2012-08-14
I'm pretty sure this is already optimized but if you see something I'm missing or any suggestions please let me know.  This is the web.config on my remote website which does not need debugging of any kind enabled or any other features that will just slow it down.  

Thankyou

<?xml version="1.0" encoding="utf-8" ?>
<configuration>

  <system.web>
      <pages validateRequest="false" />  

    <!--  DYNAMIC DEBUG COMPILATION
          Set compilation debug="true" to enable ASPX debugging.  Otherwise, setting this value to
          false will improve runtime performance of this application.
          Set compilation debug="true" to insert debugging symbols (.pdb information)
          into the compiled page. Because this creates a larger file that executes
          more slowly, you should set this value to true only when debugging and to
          false at all other times. For more information, refer to the documentation about
          debugging ASP.NET files.
    -->
    <compilation
         defaultLanguage="c#"
         debug="false"
    />

    <!--  CUSTOM ERROR MESSAGES
          Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
          Add <error> tags for each of the errors you want to handle.

          "On" Always display custom (friendly) messages.
          "Off" Always display detailed ASP.NET error information.
          "RemoteOnly" Display custom (friendly) messages only to users not running
           on the local Web server. This setting is recommended for security purposes, so
           that you do not display application detail information to remote clients.
    -->
   <customErrors mode ="On" >
     <error statusCode ="500" redirect ="Oops.aspx" />
       <error statusCode ="404" redirect ="Oops.aspx" />
    </customErrors>
    <!--  AUTHENTICATION
          This section sets the authentication policies of the application. Possible modes are "Windows",
          "Forms", "Passport" and "None"

          "None" No authentication is performed.
          "Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to
           its settings for the application. Anonymous access must be disabled in IIS.
          "Forms" You provide a custom form (Web page) for users to enter their credentials, and then
           you authenticate them in your application. A user credential token is stored in a cookie.
          "Passport" Authentication is performed via a centralized authentication service provided
           by Microsoft that offers a single logon and core profile services for member sites.
    -->
    <authentication mode="Windows" />

      <!--  AUTHORIZATION
          This section sets the authorization policies of the application. You can allow or deny access
          to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
          (unauthenticated) users.
    -->

    <authorization>
        <allow users="*" /> <!-- Allow all users -->
            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
            -->
    </authorization>

    <!--  APPLICATION-LEVEL TRACE LOGGING
          Application-level tracing enables trace log output for every page within an application.
          Set trace enabled="true" to enable application trace logging.  If pageOutput="true", the
          trace information will be displayed at the bottom of each page.  Otherwise, you can view the
          application trace log by browsing the "trace.axd" page from your web application
          root.
    -->
    <trace
        enabled="false"
        requestLimit="10"
        pageOutput="false"
        traceMode="SortByTime"
            localOnly="true"
    />

    <!--  SESSION STATE SETTINGS
          By default ASP.NET uses cookies to identify which requests belong to a particular session.
          If cookies are not available, a session can be tracked by adding a session identifier to the URL.
          To disable cookies, set sessionState cookieless="true".
    -->
    <sessionState
            mode="Off"
            stateConnectionString="tcpip=127.0.0.1:42424"
            sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes"
            cookieless="false"
            timeout="20"
    />

    <!--  GLOBALIZATION
          This section sets the globalization settings of the application.
    -->
    <globalization
            requestEncoding="utf-8"
            responseEncoding="utf-8"
   />  
 
   
 </system.web>

</configuration>
0
Comment
Question by:dgelinas
2 Comments
 
LVL 3

Assisted Solution

by:DJ_Back-Q
DJ_Back-Q earned 100 total points
Comment Utility
Looks fine to me. There is not enought settings in the config file to comprimise speed and performance.


Andre,
MCSD
0
 
LVL 3

Accepted Solution

by:
gspronych earned 150 total points
Comment Utility
As DJ Bak-Q mentioned, there are not a whole lot of issues to be concerned with the web.config

But note, if you store application settings in the web.config, and make a change to the web.config - it will reset the application.
Although storing app settings in the web.config is great for storing static variables such as connection string.
Values such as MOTD (message of the day) should be stored in includes.

You main concern should be with application performance.
There is a long winded article here
http://www.codeproject.com/aspnet/SitePerf.asp

Basically they suggest using caching, String Manipulation, avioding try/catch unless neccessary. etc

It's worth reading to learn their suggestions.
Cheers
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
This article discusses the ASP.NET AJAX ModalPopupExtender control. In this article we will show how to use the ModalPopupExtender control, how to display/show/call the ASP.NET AJAX ModalPopupExtender control from javascript, how to show/display/cal…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now