Introduction
When I start web development in general first thing all programmers and
communities say that you shouldn�t every show detailed errors for end
user clients but ASP.NET error page it more than detailed where some
time show source code content or tables names in case programmer don�t
use n-tier style, so after good study in ASP.NEt I figure good way to
hide errors from hacker, or any bad Guy ;-) which goes in next steps
below:
Steps
1- Add special web.config tags
2- Build error handler class.
3- Create Custom error page
4- Log error on system event log.
In Action
Step one
In web.config file add following tag in system.web section:
<customErrors mode=�On� defaultRedirect=�~/CustomError.aspx� />
Step Two
Create error handler class:
public class M3MErrorHandler : IHttpModule
{
public void Init(HttpApplication app)
{
app.Error += new EventHandler(app_Error);
}
protcted void app_Error(object sender, EventArgs e)
{
HttpApplication app = (HttpApplication)app;
HttpContext context = app.Context;
Exception error = context.Serve.GetLastError().GetBaseException();
context.Response.Clear();
CompilationSection compilationConfig = (CompilationSection)WebConfigurationManager.GetWebApplicationSection(�system.web/compilation�);
if (compilationConfig.Debug) context.Server.Transfer(�~/Debug.aspx�);
else
context.Server.Transfer(�~/Error.aspx�);
}
public void Dispose()
{ }
}
}
}
Step Three
Create Two pages each one for debug information display other for public use that show error note.
Step Four
In Gloabls.asax
Record error into event log using system log in side Application_Error event
as follow
Exception x = Server.GetLastError().GetBaseException();
EventLog.WriteEntry(LOG_SOURCE, x.ToString(), EventLogEntryType.Error);
Thats all 
