Skip to content
The Bits That Byte
  • About
March 23, 2018 / Uncategorized

Sitecore 9: Restrict Access to the Client

Locking down your Content Delivery servers so external users can’t access your content management capabilities and Admin pages is one of the top security steps you need to undertake when deploying a new Sitecore environment.

The first step is to implement IP-based security restrictions:

Instructions for IIS 7 and greater are as follows: https://docs.microsoft.com/en-us/iis/configuration/system.webServer/security/ipSecurity/

The second step is disabling Anonymous IIS access:

This can be achieved by changing the authentication mode in the web.config to none:

<authentication mode="None">

Or by disabling anonymous access to the following via IIS:

  • admin folder
  • login folder
  • shell folder
  • default.aspx page

One of the benefits of Sitecore 9 is that for XM1 and XP1 deployments the authentication node is already set to none for the Content Delivery Server. For XP0, as this is intended for development environments, if you attend to use it for a CD role you will need to set the mode to none (It is not recommended to use XP0 if you have anything beyond a Development Server, use XM1 or XP1 as its intended).

References:

Restrict access to the client – https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/restrict_access_to_the_client

Post navigation

Previous Post:

Sitecore 9: Can’t Export Your Certificate’s Private Keys? Update to SIF Version 1.2.0

Next Post:

Sitecore 9.0 XP1 Client Certificates Guide

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sitecore Technology MVP

Categories

  • AngularJS
  • Azure
  • CSS3
  • HTML5
  • Hyper-V
  • JavaScript
  • jQuery
  • OneDrive
  • PowerShell
  • Responsive Web Design
  • Search
  • SEO
  • SharePoint
  • Sitecore
  • SQL 2008 R2
  • SQL 2012
  • Tech Review
  • Tech Toy
  • Technical Resources
  • Uncategorized
  • Visual Studio
  • Web Content Management
  • Windows 8
  • Windows 8 App
  • Windows App
  • Windows Server 2008 R2
  • Workflow

Sponsored Links

Recent Posts

  • Autofail: A Big Azure Autoscale Limitation and What To Do
  • Got Fixes? A Sitecore Troubleshooters Guide to Sitecore Hotfixes
  • Sitecore 10 Application Roles, Storage Roles, and Indexes
  • Don’t Copy Sitecore Databases Across Environments, Sync Instead
  • Hey Sitecore PaaS! Where are My Modules?

Blogroll

  • Colins Sitecore Tech Blog
  • Sitecore Architecture – Grant's Sitecore Rants
January 2021
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031
« Dec    
© 2021 thebitsthatbyte.com - Powered by SimplyNews