Microsoft Developer Support or ("CSS" - Customer Support Services) is where you're sent within Microsoft when you've got problems. They see the most interesting bugs, thousands of issues and edge cases and collect piles of data. They report this data back to the ASP.NET team (and other teams) for product planning. Dwaine Gilmer, Principal Escalation Engineer, and I thought it would be interesting to get some of that good internal information out to you, Dear Reader. With all those cases and all the projects, there's basically two top things that cause trouble in production ASP.NET web sites. Long story short, Debug Mode and Anti-Virus software.
Thanks to Dwaine Gilmer, Doug Stewart and Finbar Ryan for their help on this post! It's all them!
Seems the #1 issue in support for problems with ASP.NET 2.x and 3.x is configuration.
There are more debug=true cases than there should be.
People continue to deploy debug versions of their sites to production. I talked about how to automatically transform your web.config and change it to a release version in my Mix talk on Web Deployment Made Awesome. If you want to save yourself a headache, release with debug=false.
Additionally, if you leave debug=true on individual pages, note that this will override the application level setting.
Here's why debug="true" is bad. Seriously, we're not kidding.
An important note: Contrary to what is sometimes believed, setting retail="true" in a <deployment/> element is not a direct antidote to having debug="true"!
Sometimes when you're having trouble with an ASP.NET site, the problem turns out to not be ASP.NET itself. Here's the top three issues and their causes. This category are for cases that were concluded because of external reasons and are outside of the control of support to directly affect. The sub categories are 3rd party software, Anti-virus software, Hardware, Virus attacks, DOS attacks, etc.
If you've ever run a production website you know there's always that argument about whether to run anti-virus software in production. It's not like anyone's emailing viruses and saving them to production web servers, but you want to be careful. Sometimes IT or security insists on it. However, this means you'll have software that is not your website software trying to access files at the same time your site is trying to access them.
Here's the essence as a bulleted list
...and here's the table of details:
Anti-virus software is installed onto Servers and causes all kinds of problems.
This consists of all AV software reported by our customers. All cases do not report the AV software that is being used so the manufacturer is not always known.
KB821438, KB248013, KB295375, KB817442
3rd party Vendors
This is a category of cases where the failure was due to a 3rd party manufacturer.
The top culprits are 3rd party database systems, and 3rd party internet access management systems.
Design issues that cause performance issues like sprocs, deadlocks, etc. Profile your applications and the database! (Pro tip: select * from authors doesn't scale.) Pair up DBAs and programmers and profile from end to end.
Spread the word! What kinds of common issues do YOU run into when running production sites, Dear Reader?
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. I am a failed stand-up comic, a cornrower, and a book author.
Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.