• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1721
  • Last Modified:

Website web.config Performance Optimization

I'm pretty sure this is already optimized but if you see something I'm missing or any suggestions please let me know.  This is the web.config on my remote website which does not need debugging of any kind enabled or any other features that will just slow it down.  


<?xml version="1.0" encoding="utf-8" ?>

      <pages validateRequest="false" />  

          Set compilation debug="true" to enable ASPX debugging.  Otherwise, setting this value to
          false will improve runtime performance of this application.
          Set compilation debug="true" to insert debugging symbols (.pdb information)
          into the compiled page. Because this creates a larger file that executes
          more slowly, you should set this value to true only when debugging and to
          false at all other times. For more information, refer to the documentation about
          debugging ASP.NET files.

          Set customErrors mode="On" or "RemoteOnly" to enable custom error messages, "Off" to disable.
          Add <error> tags for each of the errors you want to handle.

          "On" Always display custom (friendly) messages.
          "Off" Always display detailed ASP.NET error information.
          "RemoteOnly" Display custom (friendly) messages only to users not running
           on the local Web server. This setting is recommended for security purposes, so
           that you do not display application detail information to remote clients.
   <customErrors mode ="On" >
     <error statusCode ="500" redirect ="Oops.aspx" />
       <error statusCode ="404" redirect ="Oops.aspx" />
          This section sets the authentication policies of the application. Possible modes are "Windows",
          "Forms", "Passport" and "None"

          "None" No authentication is performed.
          "Windows" IIS performs authentication (Basic, Digest, or Integrated Windows) according to
           its settings for the application. Anonymous access must be disabled in IIS.
          "Forms" You provide a custom form (Web page) for users to enter their credentials, and then
           you authenticate them in your application. A user credential token is stored in a cookie.
          "Passport" Authentication is performed via a centralized authentication service provided
           by Microsoft that offers a single logon and core profile services for member sites.
    <authentication mode="Windows" />

          This section sets the authorization policies of the application. You can allow or deny access
          to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous
          (unauthenticated) users.

        <allow users="*" /> <!-- Allow all users -->
            <!--  <allow     users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>
                  <deny      users="[comma separated list of users]"
                             roles="[comma separated list of roles]"/>

          Application-level tracing enables trace log output for every page within an application.
          Set trace enabled="true" to enable application trace logging.  If pageOutput="true", the
          trace information will be displayed at the bottom of each page.  Otherwise, you can view the
          application trace log by browsing the "trace.axd" page from your web application

          By default ASP.NET uses cookies to identify which requests belong to a particular session.
          If cookies are not available, a session can be tracked by adding a session identifier to the URL.
          To disable cookies, set sessionState cookieless="true".
            sqlConnectionString="data source=;Trusted_Connection=yes"

          This section sets the globalization settings of the application.

2 Solutions
Looks fine to me. There is not enought settings in the config file to comprimise speed and performance.

As DJ Bak-Q mentioned, there are not a whole lot of issues to be concerned with the web.config

But note, if you store application settings in the web.config, and make a change to the web.config - it will reset the application.
Although storing app settings in the web.config is great for storing static variables such as connection string.
Values such as MOTD (message of the day) should be stored in includes.

You main concern should be with application performance.
There is a long winded article here

Basically they suggest using caching, String Manipulation, avioding try/catch unless neccessary. etc

It's worth reading to learn their suggestions.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now