also this line was added automatically by Visual Studio:
Should I turn it to debug="false" in the release web.config?
Many thanks.
Asked
Active
Viewed 2,205 times
1 Answers
8
You should set customErrors to On or RemoteOnly. The latter would mean that anyone using the local machine will see the full error page, but any outside users won't. The less information outside users have about how your web application works, the better. You could do something like this:
<customErrors mode="On" defaultRedirect="~/ErrorPage.aspx"/>
You can also give a bit more specific information about the error users.
<customErrors mode="On" defaultRedirect="~/ErrorPage.aspx">
<error statusCode="404" redirect="~/404error.aspx" />
</customErrors>
For production, you should set Debug to false.
Reasons on why Debug should be set to false can be read about here.
1) The compilation of ASP.NET pages takes longer (since some batch optimizations are disabled)
2) Code can execute slower (since some additional debug paths are enabled)
3) Much more memory is used within the application at runtime
4) Scripts and images downloaded from the WebResources.axd handler are not cached
keyboardP
- 68,824
- 13
- 156
- 205