IIS server and Web.config Configuration optimization guide

Source: Internet
Author: User

1. Modify the maximum number of worker processes for IIS

A. Consider the following:

1. Each worker process consumes system resources and CPU; too many worker processes can sharply deplete system resources and drive up CPU utilization.
2. Each worker process has its own state data. If the Web application relies on the worker process to save state data, it may not support the use of multiple worker processes.
3. Allowing multiple worker processes to run the same application can result in competition for resources.

B. Modify the maximum number of worker processes in IIS to increase the performance of the application pool in processing requests

1. In an IIS 6.0 Web garden, specifying the number of worker processes used by an application pool can increase the performance of the application pool in processing requests. When the server's load is small and no additional worker processes are required, IIS 6.0 automatically reduces the actual number of worker processes after a certain amount of time (20 minutes by default, configurable). If the load grows and additional worker processes are required, IIS 6.0 increases the number of worker processes again. All of this is done automatically, without administrator intervention.
2. The method is as follows:
Modify the .NET Framework Machine.config on the server.
Path: C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
Set the "allowDefinition" value of the "processModel" node to "Everywhere".
Modify the maximum number of worker processes on the server:
Method: right-click the IIS application pool -> Properties -> Performance tab -> Web garden -> Maximum number of worker processes
Note: In testing on a server with 32 (16*2) cores and 32 GB of memory, setting the value to 5 gave the best performance.
(PS: The processModel element (ASP.NET) configures the processing model for the server, including all ASP.NET applications on the server. Therefore, the processModel setting can only be placed in a Machine.config file and cannot be overridden by any settings in any Web.config file.)
2. Turn off IIS access logging
A. Turning off IIS access logging can improve Web performance
1. In IIS 6.0, access logging for a Web site is turned on by default. When logging is turned on, IIS faithfully records every access request. These records are very detailed: access time, client IP, the link the request came from, cookies, and also the method, the user agent and so on.
These records not only occupy a large amount of disk space but also greatly affect the performance of the Web server. It has been evaluated that stopping IIS access logging can increase Web performance by 5% to 8%.
2. Method: open IIS Manager, navigate to the specific Web site, right-click and select "Properties", and uncheck "Record Access" under the Home Directory tab.
Web.config configuration optimization (production environment)
1. Remove unused HttpModules
D. Not all modules are required; removing unused HttpModules can increase request speed
1. By default, ASP.NET's HttpModules take part in the request pipeline for every request.
Example: SessionStateModule intercepts each request and parses the session cookie to load the appropriate session into the HttpContext. But not all modules are required. For example, if you do not use membership, you do not need the FormsAuthentication module; if you do not use Windows authentication, you do not need WindowsAuthentication. When unused, these modules are still included in the pipeline and execute code that is not necessary for each request.
2. The default modules are defined in Machine.config ($WINDOWS$\Microsoft.NET\Framework\$VERSION$\CONFIG); a Web.config in the Web site applies only to the current site. If these modules are not required, the configuration is as follows:

The code is as follows:
<!-- Remove unnecessary modules to increase request speed -->
<httpModules>
<remove name="OutputCache"/>
<remove name="Session"/>
<remove name="WindowsAuthentication"/>
<remove name="FormsAuthentication"/>
<remove name="PassportAuthentication"/>
<remove name="RoleManager"/>
<remove name="UrlAuthorization"/>
<remove name="FileAuthorization"/>
<remove name="AnonymousIdentification"/>
<remove name="Profile"/>
</httpModules>
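
The "not all modules are required" condition can be checked before a removal list goes live. The following is an added example, not code from the original page: a Python check that reports removed modules which other sections of the same Web.config still rely on. The sample configuration, the function names and the dependency rules are assumptions of this example and cover only the modules whose use is visible in the configuration file.

```python
import xml.etree.ElementTree as ET

# Constructed sample Web.config (not from the page): modules are removed as in
# the listing above, but other sections still rely on three of them.
SAMPLE = """<configuration>
  <system.web>
    <authentication mode="Forms"/>
    <authorization><deny users="?"/></authorization>
    <roleManager enabled="true"/>
    <httpModules>
      <remove name="OutputCache"/>
      <remove name="WindowsAuthentication"/>
      <remove name="FormsAuthentication"/>
      <remove name="UrlAuthorization"/>
      <remove name="RoleManager"/>
      <remove name="Profile"/>
    </httpModules>
  </system.web>
</configuration>"""

def auth_mode(web):
    """Configured authentication mode; ASP.NET uses Windows when none is set."""
    node = web.find("authentication")
    return (node.get("mode", "Windows") if node is not None else "Windows").lower()

def enabled(web, tag):
    """True when <tag enabled="true"> is present under <system.web>."""
    node = web.find(tag)
    return node is not None and node.get("enabled", "").lower() == "true"

# Removed module -> predicate telling whether the config still relies on it.
IN_USE = {
    "FormsAuthentication": lambda w: auth_mode(w) == "forms",
    "WindowsAuthentication": lambda w: auth_mode(w) == "windows",
    "UrlAuthorization": lambda w: w.find("authorization") is not None,
    "RoleManager": lambda w: enabled(w, "roleManager"),
    "AnonymousIdentification": lambda w: enabled(w, "anonymousIdentification"),
}

def unsafe_removals(config_xml):
    """Return removed module names that another section still depends on."""
    web = ET.fromstring(config_xml).find("system.web")
    if web is None:
        return []
    removed = [r.get("name", "").strip() for r in web.findall("httpModules/remove")]
    return sorted(n for n in removed if n in IN_USE and IN_USE[n](web))

if __name__ == "__main__":
    print(unsafe_removals(SAMPLE))
```

With UrlAuthorization removed, the `<authorization>` rules in the sample are no longer enforced by the pipeline, which is why that entry is reported.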

2. Turn off unneeded page-level mechanisms
The <pages> node in Web.config globally defines page-specific settings, such as the ASP.NET directives for pages and controls within the scope of the configuration file.
The EnableViewState property defaults to "true", which enables view state; it can be set to "false" if this mechanism is not used.
The AutoEventWireup property defaults to "true", which enables page events; it can be set to "false" if this mechanism is not used.
The Buffer property defaults to "true", which turns on HTTP response buffering.
The enableViewStateMac property defaults to "false". It turns on the message authentication code (MAC) check on the page's view state to prevent user tampering and, if set to "true", causes a decrease in performance.
The validateRequest property defaults to "true", which validates user input for cross-site scripting attacks and SQL injection vulnerabilities and throws an HttpRequestValidationException if a match occurs.
3. Set customErrors to a value other than Off
The <customErrors> node in Web.config defines custom error information. This node has two properties, mode and defaultRedirect. The defaultRedirect property is optional and gives the default URL to redirect to when an application error occurs; a generic error is displayed if it is not specified. The mode property is required and has three possible values, with the following meanings:

Mode: Description
On: custom error messages are shown to both local and remote users.
Off: custom error messages are disabled, and both local and remote users see detailed error messages.
RemoteOnly: local users see the detailed error message, and remote users see the custom error message.

The concepts of local user and remote user need explaining. When the machine used to access the ASP.NET application is the same machine that hosts the application, the user is a local user; otherwise the user is a remote user. During development and debugging, setting the mode property to Off is recommended so that errors are easy to find. During deployment, the mode property should be set to On or RemoteOnly, so that detailed error messages do not expose details of the program code and invite intrusion.
It is configured as follows:

The code is as follows:
<customErrors mode="On" defaultRedirect="error.html"/>

4. Disable debugging
The <compilation> node in Web.config configures all compilation settings used by ASP.NET. The default debug property is "true", which allows debugging, and this is not a problem during development. After the application is formally deployed online, however, it affects performance, so once the program has been compiled and goes online the property should be set to "false".
The configuration is as follows:

The code is as follows:
<compilation debug="false"/>

5. Connection concurrency configuration
The connection concurrency limit is the maximum number of connections from the same IP to the same domain. This limit exists in most Microsoft products and components and is typically 2/4, which means that by default the same IP can have at most 2 connections to the same domain. The default of 2 is too low: each IP can have at most two requests to your site at a time, which can cause requests to queue up. The connectionManagement node in ASP.NET sets the maximum number of connections that a single IP can open to the same domain.
The configuration is as follows:

The code is as follows:
<system.net>
<connectionManagement>
<!-- replace N with the maximum number of connections -->
<add address="*" maxconnection="N"/>
</connectionManagement>
</system.net>

address specifies the domain; maxconnection specifies the maximum number of connections.
6. Remove the ASP.NET version header from the HTTP headers
enableVersionHeader: specifies whether ASP.NET should output a version header. This property is used to determine which version of ASP.NET is currently in use. In a production environment it is not required and can be disabled.
Configuration example:

The code is as follows:
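
An added example, not part of the original page: a Python audit that checks a Web.config for the production settings discussed above (customErrors mode, compilation debug, the version header, request validation and the view state MAC). The sample configuration is constructed, and reporting unset attributes as findings is an assumption of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample Web.config (not from the page) with development settings.
SAMPLE = """<configuration>
  <system.web>
    <customErrors mode="Off"/>
    <compilation debug="true"/>
    <pages validateRequest="false" enableViewStateMac="false"/>
    <httpRuntime maxRequestLength="4096"/>
  </system.web>
</configuration>"""

# (element, attribute, values accepted for production, purpose of the setting)
CHECKS = [
    ("customErrors", "mode", {"on", "remoteonly"}, "hide detailed errors from remote users"),
    ("compilation", "debug", {"false"}, "no debug builds in production"),
    ("httpRuntime", "enableVersionHeader", {"false"}, "do not send the ASP.NET version header"),
    ("pages", "validateRequest", {"true"}, "keep request validation on"),
    ("pages", "enableViewStateMac", {"true"}, "protect view state against tampering"),
]

# Assumption of this example: a missing attribute is reported too, so that every
# production setting is stated explicitly instead of relying on a default.
UNSET = "(unset)"

def audit(config_xml):
    """Return (element, attribute, actual value, purpose) for each failed check."""
    web = ET.fromstring(config_xml).find("system.web")
    findings = []
    for tag, attr, accepted, purpose in CHECKS:
        node = web.find(tag) if web is not None else None
        value = node.get(attr, UNSET) if node is not None else UNSET
        if value.lower() not in accepted:
            findings.append((tag, attr, value, purpose))
    return findings

if __name__ == "__main__":
    for tag, attr, value, purpose in audit(SAMPLE):
        print(f"<{tag} {attr}> is {value}: {purpose}")
```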
