[Me]:- Guruji, what questions can I ask myself or raise as clarifications to sort server side issues?
[Guruji]:- You can ask yourself these questions to elucidate server side issues
1) What is the required stability and uptime for this application?
2) What type of servers are being planned for deployment? Microsoft Internet Server (IIS)? Netscape Web server? Apache Web server?
3) What server-side technologies are being planned? ISAPI? CGI? ASP? Scripts? Make sure these are compatible with the server platform planned.
4) What is the server architecture?
5) What is the server technology?
6) Are there other servers involved? (Hardware load balancers, routers, hardware SSL, and so on.)
7) What software dependencies does your application have? (OS, components, third-party components, and so on.)
8) Is there a test lab for you to test the application in? Does it accurately mirror the intended deployment topology?
9) What ports are left open? Are these necessary?
11) Is the content expiration set in the response header or in the META data for the page?
12) How many users total are expected? How many simultaneously?
13) How does the application scale? Up or out? What is the scaling unit, and how many users are supported there?
14) What is the anticipated traffic?
15) How are backups, restores, failovers, and disasters handled?
16) Is there any user management? How are they managed?
17) How are the live boxes administered?
18) Where is the bottleneck? Is it acceptable? (Disk I/O, network, memory paging, database, and so on.)
19) What memory leaks exist? Have you looked for them?
20) Is server-side caching implemented?
21) Is the architecture redundant and distributed?
22) Are server logs analyzed while testing?
23) Is there a plan to dogfood this application or have a progressive roll-out to users?
24) What happens if the server hard drive space on servers fills up?
25) Could a malicious user constantly fire errors into the log to attempt to fill up the hard drive space?
26) How are requests received from the client? ASP, ISAPI filters, CGI?
27) What user context does the receiving code run under? (Administrator, sa, local system, local user, or so forth.)
28) Is the communication between the client and the server (or the server and the other servers) in plaintext or encrypted?
29) How does the server know the user is who he says he is?
30) How does the user know the server is who it says it is?
31) Is data stored securely on the server?