Tips Centre Saturday, December 21, 2024

Home Home | About Us About Us | Contact Us Contact Us

vrPakistanis Technologies - Web Development, Logo Designing, Web Designing

Home > ASP.Net

Top 10 Best Practices for Production ASP.NET Applications

In no particular order, here are the top ten things I've learned to pay attention to when dealing with production ASP.NET applications. Hopefully they will help you save you some time and headaches. As always, your thoughts and additions are welcome.

  1. Generate new encryption keys
    When moving an application to production for the first time it is a good idea to generate new encryption keys. This includes the machine validation key and decryption key as well as any other custom keys your application may be using.
  2. Encrypt sensitive sections of your web.config
    This includes both the connection string and machine key sections. Note that if your application runs in a clustered environment you will need to share a custom key using the RSA provider.
  3. Use trusted SQL connections
  4. Set retail="true" in your machine.config
    < configuration >
    < system.web >
    < deployment retail=""true"" >< /deployment >
    < /system.web >
    < /configuration >

    This will kill three birds with one stone. It will force the 'debug' flag in the web.config to be false, it will disable page output tracing, and it will force the custom error page to be shown to remote users rather than the actual exception or error message.
  5. Create a new application pool for your site
    When setting up your new site for the first time do not share an existing application pool. Create a new application pool which will be used by only by the new web application.
  6. Set the memory limit for your application pool
    When creating the application pool, specifically set the memory limit rather than the time limit which is set by default.
  7. Create and appropriately use an app_Offline.htm file
    There are many benefits to using this file. It provides an easy way to take your application offline in a somewhat user friendly way (you can at least have a pretty explanation) while fixing critical issues or pushing a major update. It also forces an application restart in case you forget to do this for a deployment.
  8. Develop a repeatable deployment process and automate it
    It is way too easy to make mistakes when deploying any type of software. This is especially the case with software that uses configuration files that may be different between the development, staging, or production environments. I would argue that the process you come up with is not nearly as important as it being easily repeatable and automated. You can fine tune the process as needed, but you don't want a simple typo to bring a site down.
  9. Build and reference release versions of all assemblies
    In addition to making sure ASP.NET is not configured in debug mode, also make sure that your assemblies are not debug assemblies. There are of course exceptions if you are trying to solve a unique issue in your production environment ... but in most cases you should always deploy with release builds for all assemblies.
  10. Load test
    This goes without saying. Inevitably, good load testing will uncover threading and memory issues not otherwise considered.

This article has been taken from Daptivate.com

Tips Centre 2008-2021. All rights reserved. Developed by vrPakistanis Technologies.