Print
Audience: Administrators, Developers.
This document is designed to help you make your Sitecore installation as secure as possible and contains details of our best practices and recommendations for ensuring that your Sitecore installation is a secure as possible.
To download the document, click one of the below links.
Sitecore CMS 6.5-6.6 versions:
- Download the document in A4 format (PDF,1 MB)
- Download the document in US letter format (PDF, 1 MB)
Sitecore CMS 6.0-6.4 versions:
- Download the document in A4 format (PDF, 0.9 MB)
- Download the document in US letter format (PDF, 0.9 MB)
The following zip file contains the Security Hardening Guide in Pdf format and a Sitecore package that contains the Upload Filter-1.0.0.2 tool that is explained in the Security Hardening Guide. Download this zip file to get access to both the Security Hardening Guide and the tool.
- Download Security Hardening Guide + Upload Filter Tool (ZIP archive, 0.7 MB)
Table of Contents (valid for Sitecore CMS 6.0-6.4)
Introduction
Secure Software
General Recommendations
Security Settings
Security Settings
Limiting Access to .XML, .XSLT, and .MRT Files
Protecting Folders in the IIS
Limiting Anonymous Access to Folders in IIS 6
Limiting Anonymous Access to Folders in IIS 7
The Structure of the Website Folder
Turn off Auto Complete of Username in the Login Page
Controlling File Upload
Disabling the Upload Watcher
The Upload Filter Tool
Installing the Upload Filter Tool
Configuring the Upload Filter Tool
Security and Client RSS Feeds
Disabling Client RSS Feeds
Recommended Reading
Other Resources