Best Practices Security

Friday Sitecore Best Practice: Avoid Exposing the Data Folder

In this episode we look at the danger of copying the Data folder to the Sitecore IIS root folder, Website. It seems obvious from the sidelines, however, this is way too often to fix the “missing license” error that Sitecore throws if the “dataFolder” setting hadn’t been updated to point to the proper location of the Data folder.

 


One comments on “Friday Sitecore Best Practice: Avoid Exposing the Data Folder
  1. Thomas Eldblom on said:

    Another practical and secure approach is to rename the webroot/data folder to webroot/app_data. This folder is secured by .NET and makes it possible to have relative paths in the config – which ultimately means easier deploys across environments.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.