Source: Internet
Author: User
Tags configuration settings
ASP. NET project configuration and Optimization



1. implemented through the Web. config file

2. How to configure the Web. config file:

(1) Configure ASP. NET Authentication<Authentication mode = "? ">

Mode = "Windows" (IIS performs Authentication Based on application settings. IIS must disable anonymous access)

Mode = "forms" (Form login authentication, which stores user identity tags in cookie objects)

Mode = "Passport" (run through Microsoft's centralized Identity Authentication Service to provide different users to access the application resources of the site)

Mode = "NONE" (no authentication is performed)

For example, when a user who has not logged on accesses a webpage that requires authentication, the webpage automatically jumps to the logon page, where loginurl is the logon Page name and name is the cookie name.

<Authentication mode = "forms"> <forms loginurl = "login. aspx" name = ". formsauthcookie"/> </authentication>


(2) control access to URL resources from clients (for example, Anonymous Users are allowed to access)<Authorization>

[Note] It must be used with <authentication> or use user. identity. name to obtain the verified user name. You can use the web. security. formsauthentication. the redirectformloginpage method redirects authenticated users to the page the user just requested.

For example, prohibit access from anonymous users: (Allow access using allow)

<Authorization> <deny user = "? "/> </Authorization>


(3) configure all compilation settings used by ASP. NET<Compilation>

<Compilation defaultlanguage = "VB. NET/C #"> the background code language is used by default.

<Compilation DEBUG = "True/false"> If the value is true, aspx debugging is started. If the value is false, the running performance of the application is improved, set to "true"; set to "false" if used by the customer"


(4) Provide custom error information for ASP. NET Applications<Customerrors mode = "? ">

[Note] It is not applicable to errors in XML Web Services.

<Customerrors mode = "on"> indicates that custom information is always displayed.

<Customerrors mode = "off"> indicates that the detailed ASP. NET error message is always displayed.

<Customerrors mode = "remoteonly"> displays custom information only for users (remote users) that are not running on the Local Web server.

For example, when an error occurs, the webpage is redirected to a custom error page.

<Customerrors defaultredirect = "errorpage. aspx" mode = "remoteonly"> </customerrors>


(5) Configure ASP. net http Runtime Library settings<Httpruntime>

For example, the maximum size of a file to be uploaded is 4 MB, the maximum time is 60 seconds, and the maximum number of requests is 100.

<Httpruntime maxrequestlength = "4096" executiontimeout = "60" apprequestqueuelimit = "100">


(6) configuration is used to identify specific page settings (such as whether to enable session Status, view status, and whether to detect user input)<Pages>

For example, the system does not check whether dangerous data exists in the content entered by the browser. When the client returns a page, it checks the encrypted view status to verify whether the view status has been tampered with on the client.

<Pages buffer = "true" enableviewstatemac = "true" validaterequest = "false"/> </pages>


(7) configure the session Status of the current application (whether to enable the session status, whether to save the session status, and so on)<Sessionstate>

<Sessionstate mode = "Off/inproc/StateServer/sqlserver"> off disables session state, inproc worker stores session state, and StateServer stores session information in a separate ASP. in the. NET Status Service, sqlserver stores session information in the SQL Server database.

<Sessionstate stateconnectionstring = "? "> Name of the server that stores the remote session status. The default value is local.

<Sessionstate cookieless = "True/false"> "true" indicates that the customer is not identified by a cookie session. "false" indicates that the Cookie Session is started.

<Sessionstate sqlconnectionstring = "database connection string"> set SQL Server database connection

<Sessionstate timeout = "20"> set the session time. When the session expires, the session is automatically interrupted. The default value is 20 (minutes)

For example, the session state is enabled when the session is stored locally and the user's browser does not support cookies. The number of minutes when the session is idle is 20 minutes.

<Sessionstate mode = "inproc" cookieless = "true" timeout = "20"/> </sessionstate>


(8) Configure ASP. NET tracking service<Trace>

Identify errors in program testing

For example, if a program does not enable tracing, the number of Trace Requests stored on the server is 10. You can only access the tracing output by using the tracing utility to display the tracing information in chronological order, trace Viewer (trace. axd), used only for Local Web servers.

<Trace enable = "false" requestlimit = "10" pageoutput = "false" tracemode = "sortbytime" localonly = "true"/>


(9) custom web. config file Configuration:

For example:


<Configsections>// Declare the name and copyright of the configuration section

<Section name = "etettings" type = "system. configuration. namevaluefilesectionhandLer, system, version = 1.0.3300.0, culture = netural, publickeytoken = b77a5c561934e089 "/>


<Deleetask>// Actual configuration settings

<Add key = "SS" value = "Server = A; database = northwind; uid = sa; Pwd = 111"/>


<System. Web>


</System. Web>



How to call the above database connection?

Protected static string isdebug = configurationsettings. deleettings ["debug"]


3. Some common web configurations:

<! -- Disable Client verification -->

<Pages validaterequest = "false"/>


<! -- Size of the uploaded file; maximum size: 200 MB -->

<Httpruntime exection timeout = "9999" maxrequestlength = "204800" usefullyqualifiedredirecTurl = "false" minfreethreads = "8" minlocalrequestfreethreaDS = "4" apprequestqueuelimit = "100" type = "regxph" text = "yourobjectname"/>


<! -- SQL Server database connection string configuration -->

  <Add name = "connection string name" connectionstring = "Data Source = server name; Integrated Security = sspi; initial catalog = database name;"/>
  <Add name = "connection string name" connectionstring = "Data Source =. (local server name); initial catalog = database name; user id = SQL Server user name; Password = SQL server password "providername =" system. data. sqlclient "/>


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.