SharePoint Timer service issues

I recently came across an issue with SharePoint 2010 , this issue related to SharePoint Timer service which cause many things to stop functioning in the right way for example deploying WSP solution will be stacked in “deploying” status or “retracting” status or for example if you run “Reanalyze Now” in health check items , it will not update the status and the button will be disabled for long time …etc.


In my case , I tried the solutions suggested in this post “SharePoint 2010 Troubleshooting: Solution deployment stuck on deploying” but no succeed result

After more investigation , I found this issue in the server with Visual Studio 2010 installed on it , when I restarted the SharePoint Timer service I got this error “System.Security.Cryptography.CryptographicException …”


The fix for this issue described in this post “System.Security.Cryptography.CryptographicException – Keyset does not exist”

but this is not the fix for the real issue which cause the job timers to stuck.

The real issue was,SPTimerServiceInstance wasn’t online in all servers after patching the SharePoint servers so to fix the issue , just run the following power shell in all SharePoint servers to make sure it’s online in all servers:

$farm  = Get-SPFarm
$disabledTimers = $farm.TimerService.Instances | where {$_.Status -ne “Online”}
if ($disabledTimers -ne $null)
foreach ($timer in $disabledTimers)
Write-Host “Timer service instance on server ” $timer.Server.Name ” is not Online. Current status:” $timer.Status
Write-Host “Attempting to set the status of the service instance to online”
$timer.Status = [Microsoft.SharePoint.Administration.SPObjectStatus]::Online

Then restart the SPTimer Windows service manually.

For more information about this issue check this post “SharePoint Server 2010: Timer Jobs not Functioning After Applying Updates”


Maximizing Website Performance

Why maximizing website performance?

To meet these goals:

  • User satisfaction and business expectation
  • Improved Search ranking
  • Support Mobile Users (slow and limited Internet connection)
  • Reduce the costs (less bandwidth + less network latency + less resources usage (Servers, RAM …))


Network latency = (how long a packet takes to move between the server and the client).

Why websites are slow?

More than 80% slowness issues come from front end side and the rest percentages come from the back end side, client side means (HTML, CSS, JavaScript and images).


Performance measurement should be done periodically because of data changes.

What are the tools used to analyze website performance?

Use these tools to analyze websites performance before and after applying optimization to know where you are (benchmark):


Before running web performance testing, make sure to disable extensions in your browsers which could affect the result like AdBlock, FlashBlock …

Hints in using these tool:

Hints With Fiddler

  • Statistics tab (to see Number of requests , size , time and response contents)


  • Chart


  • Timeline

First request takes less than 1 sec which is from server side and the reset timeline represent the client side loading


Hints with YSlow

Check the Grade and the recommendation


Hints with Google PageSpeed

Show testing result for Mobile and Desktop and their Suggestions for improvements


Hints with Web developer tools

  • Requests loading


  • Hover context


  • Statistics


  • Filters (for example , filter to show only images and then check the statistics)


  • Disable Cache


Hints with Web Load Testing tool

  • Recording the loading intervals and Save it as Video


  • You can select browser versions , device types and test location (to test network latency) , also you can run the test up to 9 times (to see different behavior based on internet connection and cached view for second test)


  • Performance Score


  • Show First and Repeat View

First byte = first byte received by the browser


  • Compare (with different websites)


  • Emulate mobile version


  • Waterfall View


  • Tabular View


  • Content breakdown


  • Performance review


  • Single point of failure (SPOF)

What if your website use twitter API, to know how your website will behave when twitter is down


  • Block files


  • Disable JavaScript


  • Use Authentication


Hints with tracert


Hints with Google Search engine (Top links)


General Rules for Good Website performance:

  • Reduce HTTP requests
  • Send as little as possible over the network
  • Send it as infrequently as possible (using Cache)

Hints for some rules:

  • HTTP Compression in IIS


Don’t add images because they are already compressed

  • Content Expiration
    • Cache the files (static files like images and JavaScript) in client side
    • Client send “if-modified-since”, if modified then the server will send the new content with 200 http and if not then the server will send 304 http request
    • The expiration time stored in Cache-Control
    • Caching common resources will help to increase the performance in all pages
    • Sometime proxy server causes issue with Caching by telling the client there is no updates but in reality there is an update
    • In IIS, to enable it
    • To check where the browser stores these files, for example in chrome, go to C:\Users\<user-name>\AppData\Local\Google\Chrome\User Data\Default\Cache
    • For more information ,
  • Content Distribution Network(CDN)
    • Locate files which geographically closer to users
    • And offloads work from your servers
    • Also if multiple sites using the same files then the browser will get it from the cache
    • Typically for static files like (CSS, images and JavaScript)
    • Common example, jQuery CDN
  • ETags
  • Remove unused HTTP headers
    • Also improve the site security (less information, less attacks)
    • Reduce Response size
    • Headers to remove
      • X-AspNet-Version
      • Server
      • X-Powered-By
  • Multiple domains for static Resources
    • Browsers will open a series of background connections to retrieve objects from web servers
    • Each browser has simultaneous limit
    • Be balanced, more domains mean more DNS initiation which cause slowness






Securing JavaScript Code

Web Applications become heavily based on JavaScript code especially Single Page applications. Here I will list some important security controls and vulnerabilities commonly exist within JavaScript applications to be avoided or considered during developing your web applications.

Security Risks and Controls