Why are exceptions so dangerous? And what to do about it.

I often find out that I can cause exceptions on Sitecore sites. This can really harm your website. For example, enough exceptions can let your application pool perform a restart. After this restart your Sitecore installation will re-initialise its cache which takes some times. I’ve even seen that IIS dumps it’s full memory running on IIS6 in Isolation mode.

Instead of letting your exception passing through to the user, I’d recommend to create an error page or even better handle it into your current page. Especially when you depend on Querystring parameters(= user input), don’t trust anybody and always check your input before using it. Also use pre and post conditions. Example: if you have 12 news pages, check if the requested pageNumber is between 1 and 12 before accessing it. Otherwise return a default value.

You can find more information on how IIS and ASP.NET behaves when you’ve got some issues on the following 2 links:

Good luck protecting your pages against these issues!