Making security-hardened environments
It is extremely important to make your Sitecore installation configured properly in order to protect it against attacks from malicious forces. In this recipe, you will learn security hardening using some settings and coding.
How to do it…
We will first perform security hardening recommendations on the Sitecore application:
- Create a new admin user and delete the default admin user. Also, try to create as few admin users as possible.
- From IIS, navigate to the following folders. From their properties, disable their anonymous access. You can even secure admin folders using Windows authentication.
/App_Config
/sitecore/admin
/sitecore/debug
/sitecore/shell/WebService
- From IIS, deny the execute permission on the
/upload ...
Get Sitecore Cookbook for Developers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.