Performance Checklist:
Design Considerations
| Check | Description |
|---|---|
 |
Consider security and performance. |
|
Partition your application logically. |
|
Evaluate affinity. |
|
Reduce round trips. |
|
Avoid blocking on long-running tasks. |
|
Use caching. |
|
Avoid unnecessary exceptions. |
Threading
| Check | Description |
|---|---|
|
Tune the thread pool by using the formula to reduce contention. |
|
Consider minIoThreads and minWorkerThreads for burst load. |
|
Do not create threads on a per-request basis. |
|
Avoid blocking threads. |
|
Avoid asynchronous calls unless you have additional parallel work. |
Resource Management
| Check | Description |
|---|---|
|
Pool resources. |
|
Explicitly call Close or Dispose on resources you open. |
|
Do not cache or block on pooled resources. |
|
Know your application allocation pattern. |
|
Obtain resources late and release them early. |
|
Avoid per-request impersonation. |
Pages
| Check | Description |
|---|---|
|
Trim your page size. |
|
Enable buffering. |
|
Use Page.IsPostBack to minimize redundant processing. |
|
Partition page content to improve caching efficiency and reduce rendering. |
|
Ensure pages are batch compiled. |
|
Ensure debug is set to false. |
|
Optimize expensive loops. |
|
Consider using Server.Transfer instead of Response.Redirect. |
|
Use client-side validation. |
Server Controls
| Check | Description |
|---|---|
|
Identify the use of view state in your server controls. |
|
Use server controls where appropriate. |
|
Avoid creating deep hierarchies of controls. |
Data Binding
| Check | Description |
|---|---|
|
Avoid using Page.DataBind. |
|
Minimize calls to DataBinder.Eval. |
Caching
| Check | Description |
|---|---|
|
Separate dynamic data from static data in your pages. |
|
Configure the memory limit. |
|
Cache the right data. |
|
Refresh your cache appropriately. |
|
Cache the appropriate form of data. |
|
Use output caching to cache relatively static pages. |
|
Choose the right cache location. |
|
Use VaryBy attributes for selective caching. |
|
Use kernel caching on Microsoft® Windows Server™ 2003. |
State Management
| Check | Description |
|---|---|
|
Store simple state on the client where possible. |
|
Consider serialization costs. |
Application State
| Check | Description |
|---|---|
|
Use static properties instead of the Application object to store application state. |
|
Use application state to share static, read-only data. |
|
Do not store single-threaded apartment (STA) COM objects in application state. |
Session State
| Check | Description |
|---|---|
|
Prefer basic types to reduce serialization costs. |
|
Disable session state if you do not use it. |
|
Avoid storing STA COM objects in session state. |
|
Use the ReadOnly attribute when you can. |
View State
| Check | Description |
|---|---|
|
Disable view state if you do not need it. |
|
Minimize the number of objects you store in view state. |
|
Determine the size of your view state. |
HTTP Modules
| Check | Description |
|---|---|
|
Avoid long-running and blocking calls in pipeline code. |
|
Consider asynchronous events. |
String Management
| Check | Description |
|---|---|
|
Use Response.Write for formatting output. |
|
Use StringBuilder for temporary buffers. |
|
Use HtmlTextWriter when building custom controls. |
Exception Management
| Check | Description |
|---|---|
|
Implement a Global.asax error handler. |
|
Monitor application exceptions. |
|
Use try/finally on disposable resources. |
|
Write code that avoids exceptions. |
|
Set timeouts aggressively. |
COM Interop
| Check | Description |
|---|---|
|
Use ASPCOMPAT to call STA COM objects. |
|
Avoid storing COM objects in session state or application state. |
|
Avoid storing STA components in session state. |
|
Do not create STA components in a page constructor. |
|
Supplement classic ASP Server.CreateObject with early binding. |
Data Access
| Check | Description |
|---|---|
|
Use paging for large result sets. |
|
Use a DataReader for fast and efficient data binding. |
|
Prevent users from requesting too much data. |
|
Consider caching data. |
Security Considerations
| Check | Description |
|---|---|
|
Constrain unwanted Web server traffic. |
|
Turn off authentication for anonymous access. |
|
Validate user input on the client. |
|
Avoid per-request impersonation. |
|
Avoid caching sensitive data. |
|
Segregate secure and non-secure content. |
|
Only use Secure Sockets Layer (SSL) for pages that require it. |
|
Use absolute URLs for navigation. |
|
Consider using SSL hardware to offload SSL processing. |
|
Tune SSL timeout to avoid SSL session expiration. |
Deployment Considerations
| Check | Description |
|---|---|
|
Avoid unnecessary process hops. |
|
Understand the performance implications of a remote middle tier. |
|
Short-circuit the HTTP pipeline. |
|
Configure the memory limit. |
|
Disable tracing and debugging. |
|
Ensure content updates do not cause additional assemblies to be loaded. |
|
Avoid XCOPY under heavy load. |
|
Consider precompiling pages. |
|
Consider Web garden configuration. |
|
Consider using HTTP compression. |
|
Consider using perimeter caching. |
Gathered from: http://msdn.microsoft.com/en-us/library/ms998596