I've only recently started working with asp.net and c#. Is there a standard practice set of web.config settings for a live final website? There seem to be a ton of options available and I'm looking to streamline performance, close possible security holes and other unecessary options.
+1
A:
An empty web.config (or at least an absent <system.web> element) would mean that all of the framework's recommended defaults would take effect. You would then just need to be concerned with the host (e.g., IIS) set-up.
Mark Cidade
2008-09-11 01:02:04
+1
A:
Start with a clean web.config and only add the sections you need.
For security, all you really can do is make sure you flag <compelation debug="false"> for your production box and set custom errors to true.
Rob Allen
2008-09-11 01:07:59