Tips for ASP.Net Developers

Tips for ASP.Net Developers

1) Do not run production ASP.NET Applications with debug=”true” enabled.

Doing so causes a number of non-optimal things to happen including:

  • · The compilation of ASP.NET pages takes longer (since some batch optimizations are disabled)
  • · Code can execute slower (since some additional debug paths are enabled)
  • · Much more memory is used within the application at runtime
  • · Scripts and images downloaded from the WebResources.axd handler are not cached (This is most important)

WebResources.axd – How it works

All client-script libraries, static images, CSS or external files are deployed via WebResources.axd and it cache all of the references locally within the browser. This is one of the advantages of ASP.Net for using client script or AJAX.

Using debug = “true” reduces performance drastically. We can check performances easily using RAD Toolkits (Telerik/Atlas), Treeview/Menu/Validator etc.

2) Try to use Trusted Connection for Database

This is the Microsoft Suggested Practice for developing secured web application. Some excellent articles are here for why and how to do this … or

3) Encrypt sensitive sections of your configuration files.

This is another Microsoft Suggested Practice for developing secured web application. Our Encryption Keys, Machine Keys or Database Connection must be secured in our configuration. This encryption is pretty simple but really useful. Execute the code from command prompt:

For encrypt: aspnet_regiis.exe -pe "appSettings" –app "/test_solution"

For decrypt: aspnet_regiis.exe -pd "appSettings" –app "/test_solution"

Here "test_solution" is the virtual location (hosting) where the web.config file should exist and “appSettings” is the section we want to encrypt.

For executing you need to set your .net Framework version path in system path.



4) Always show custom error page instead of actual error.

This need not explanation as everybody knows actual error shows the page name, line no and codes, variable names as well which is really dangerous for production version.

5) Set The <deployment retail=”true”/> Switch in Maching.config

This is the best solution for handling 3 common errors like debug is enabled or trace is enabled or custom error is off. It will handle all those errors automatically. Add the following in your Machine.Config file



<deployment retail=”true”/>





6) Set the memory limit for the application pool instead of time limit.

For time limit app pool recycles after the limit or interval. It always should be recycling after it reaches the memory limit otherwise it will acquire unnecessary memory. Several articles on this are available as or

7) Always try to develop a repeatable deployment process and automate it.

It’s not a good practice of deploying application manually. In this case we often forgot to include updates or re-deploy the whole assembly (often whole assembly deployment is not required, need to deploy only dependent assemblies). We need to find out a good automated solution for deployment process. Here is a nice article how to Automating Deployment with Microsoft Web Deploy… or managing staging...

Leave a Comment
  • Please add 1 and 3 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
  • Nice and very useful wiki

    I just want to notice that about encrypting file if in any case that command don't work so check the authorization for the user concerned in the domain and the folder involved too

  • Very good Anirban

Page 1 of 1 (2 items)