ASP.NET 2.0 Performance Checklist

From Guidance Share
Jump to navigationJump to search

- J.D. Meier, Prashant Bansode

Design Considerations

  • Consider security and performance.
  • Partition your application logically.
  • Evaluate affinity.
  • Reduce round trips.
  • Avoid blocking on long-running tasks.
  • Use caching.
  • Avoid unnecessary exceptions.


  • Tune the thread pool by using the formula to reduce contention.
  • Consider minIoThreads and minWorkerThreads for burst load.
  • Do not create threads on a per-request basis.
  • Avoid blocking threads.
  • Avoid asynchronous calls unless you have additional parallel work.

Resource Management

  • Pool resources.
  • Explicitly call Close or Dispose on resources you open.
  • Do not cache or block on pooled resources.
  • Know your application allocation pattern.
  • Obtain resources late and release them early.
  • Avoid per-request impersonation.


  • Trim your page size.
  • Enable buffering.
  • Use Page.IsPostBack to minimize redundant processing.
  • Partition page content to improve caching efficiency and reduce rendering.
  • Ensure pages are batch compiled.
  • Ensure debug is set to false.
  • Optimize expensive loops.
  • Consider using Server.Transfer instead of Response.Redirect.
  • Use client-side validation.

Server Controls

  • Identify the use of view state in your server controls.
  • Use server controls where appropriate.
  • Avoid creating deep hierarchies of controls.

Data Binding

  • Avoid using Page.DataBind.
  • Minimize calls to DataBinder.Eval.


  • Separate dynamic data from static data in your pages.
  • Configure the memory limit.
  • Cache the right data.
  • Refresh your cache appropriately.
  • Cache the appropriate form of data.
  • Use output caching to cache relatively static pages.
  • Choose the right cache location.
  • Use VaryBy attributes for selective caching.
  • Use kernel caching on Microsoft® Windows Server™ 2003.

State Management

  • Store simple state on the client where possible.
  • Consider serialization costs.

Application State

  • Use static properties instead of the Application object to store application state.
  • Use application state to share static, read-only data.
  • Do not store single-threaded apartment (STA) COM objects in application state.

Session State

  • Prefer basic types to reduce serialization costs.
  • Disable session state if you do not use it.
  • Avoid storing STA COM objects in session state.
  • Use the ReadOnly attribute when you can.

View State

  • Disable view state if you do not need it.
  • Minimize the number of objects you store in view state.
  • Determine the size of your view state.

HTTP Modules

  • Avoid long-running and blocking calls in pipeline code.
  • Consider asynchronous events.

String Management

  • Use Response.Write for formatting output.
  • Use StringBuilder for temporary buffers.
  • Use HtmlTextWriter when building custom controls.

Exception Management

  • Implement a Global.asax error handler.
  • Monitor application exceptions.
  • Use try/finally on disposable resources.
  • Write code that avoids exceptions.
  • Set timeouts aggressively.

COM Interop

  • Use ASPCOMPAT to call STA COM objects.
  • Avoid storing COM objects in session state or application state.
  • Avoid storing STA components in session state.
  • Do not create STA components in a page constructor.
  • Supplement classic ASP Server.CreateObject with early binding.

Data Access

  • Use paging for large result sets.
  • Use a DataReader for fast and efficient data binding.
  • Prevent users from requesting too much data.
  • Consider caching data.

Security Considerations

  • Constrain unwanted Web server traffic.
  • Turn off authentication for anonymous access.
  • Validate user input on the client.
  • Avoid per-request impersonation.
  • Avoid caching sensitive data.
  • Segregate secure and non-secure content.
  • Only use Secure Sockets Layer (SSL) for pages that require it.
  • Use absolute URLs for navigation.
  • Consider using SSL hardware to offload SSL processing.
  • Tune SSL timeout to avoid SSL session expiration.

Deployment Considerations

  • Avoid unnecessary process hops.
  • Understand the performance implications of a remote middle tier.
  • Short-circuit the HTTP pipeline.
  • Configure the memory limit.
  • Disable tracing and debugging.
  • Ensure content updates do not cause additional assemblies to be loaded.
  • Avoid XCOPY under heavy load.
  • Consider precompiling pages.
  • Consider Web garden configuration.
  • Consider using HTTP compression.
  • Consider using perimeter caching.