Sitecore Best Practice Series:

# Sitecore Security Best Practices
| # | Practice | Rationale |
|---|----------|-----------|
| 1 | Remove access to tools not used by certain roles | Improves the usability of the Sitecore client tools by removing "noise" and letting users focus on what is important for them. |
| 2 | Use `publish:begin` or `publish:end` events to clear custom caches | Use Sitecore caching as much as possible to avoid redundancy and unnecessary use of additional resources. If custom ASP.NET caching is used, it is, unlike the Sitecore cache, not cleared automatically on publish, so a custom "cache clearer" should be triggered before or after the publish. Where it makes functional sense, store custom caches using Sitecore's own caching facilities, which removes the need for custom cache-management code. |
| 3 | Separate CM from CD servers in production | Content Delivery servers should be tightly hardened for security, to a degree that is not acceptable in the Content Management environment. |
| 4 | Trap code exceptions as close as possible to the source | Reduces the security risk of error exposure. |
| 5 | Disable the default "admin" user and create a new one with administrator privileges | The default "admin" account has more than just administrator privileges; for instance, by default it is the only account that can ignore workflows. Disabling it also increases security by changing the username, which is 50% of the login information. |
| 6 | Remove inheritance rather than explicitly denying access rights | Sitecore items inherit Allow permissions from their parents; removing the inheritance removes all such rights, simplifies the security model, and makes security issues easier to troubleshoot. |
| 7 | Enforce the "need-based" security principle | The need-based security principle states that all access rights should initially be denied and only the particular ones that are required should be granted. This principle helps reduce security risk. |
| 8 | Make sure the /data folder is not accessible by anonymous users | The data folder stores information that may assist intruders in finding vulnerabilities; restricting access to this folder eliminates this security risk. |
| 9 | Prevent configuration files from being served by IIS | Files in the App_Config folder are restricted by default; be careful when creating other settings files outside that folder. |
| 10 | Create new roles in Sitecore domains | Sitecore domain roles are invisible to all other domains, enhancing security. |
| 11 | Use individual security domains for each website | Restricts each website's access to its own domain, reducing security risk. |
| 12 | Use access right inheritance instead of assigning rights explicitly | Reduces security maintenance costs. |
| 13 | Assign access restrictions to roles instead of users | Reduces security maintenance costs. |
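Practices 2 and 4 together, as an added example that is not part of the original document: a custom cache built on Sitecore's `CustomCache` (so it is managed by the Sitecore cache manager rather than by raw ASP.NET caching), a `publish:end` handler that clears it, and a try/catch that traps any failure at the source and logs it instead of letting it surface as an error page. The `MyApp` namespace and assembly name, the `ProductCache` class, the cache size and the patch file name are assumptions; the `publish:end` event, the `CustomCache` base class and `Sitecore.Diagnostics.Log` are Sitecore's own.

```csharp
// Added example; not code from the Sitecore best-practice document.
// Register the handler with an App_Config/Include patch (file name assumed):
//
//   <configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
//     <sitecore>
//       <events>
//         <event name="publish:end">
//           <handler type="MyApp.Caching.ClearProductCache, MyApp" method="OnPublishEnd" />
//         </event>
//       </events>
//     </sitecore>
//   </configuration>
using System;
using Sitecore;
using Sitecore.Caching;
using Sitecore.Diagnostics;

namespace MyApp.Caching
{
    // A custom cache that lives inside Sitecore's cache manager, so it is sized,
    // listed and cleared alongside the built-in caches instead of living in
    // HttpRuntime.Cache where a publish would never touch it.
    public class ProductCache : CustomCache
    {
        private static readonly ProductCache instance = new ProductCache();

        public static ProductCache Instance
        {
            get { return instance; }
        }

        // Name and maximum size are assumed values for this example.
        private ProductCache()
            : base("MyApp.ProductCache", StringUtil.ParseSizeString("10MB"))
        {
        }

        public string GetPrice(string sku)
        {
            return GetString(sku);
        }

        public void SetPrice(string sku, string price)
        {
            SetString(sku, price);
        }
    }

    // Event handler invoked by Sitecore when a publish finishes.
    public class ClearProductCache
    {
        public void OnPublishEnd(object sender, EventArgs args)
        {
            try
            {
                ProductCache.Instance.Clear();
                Log.Info("ProductCache cleared after publish", this);
            }
            catch (Exception ex)
            {
                // Practice 4: trap the exception where it occurs and log it with
                // Sitecore's logger; do not rethrow, so the publish pipeline and
                // the requesting user never see the raw exception details.
                Log.Error("ProductCache could not be cleared after publish", ex, this);
            }
        }
    }
}
```

On a separated CM/CD setup (practice 3) the `publish:end` event fires on the Content Management instance; Content Delivery instances receive the corresponding `publish:end:remote` event, so the same handler needs to be registered under that event name as well for CD caches to be cleared.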
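Practice 5 as an added example, not part of the original document: a one-off administrative routine that first creates a replacement account with administrator privileges and only then disables the built-in `sitecore\admin` user, so the site is never left without a working administrator. It uses the ASP.NET `Membership` API that Sitecore's membership provider sits behind and Sitecore's `User`/`UserProfile` classes; the `MyApp.Admin` namespace, the method name and the caller-supplied account name and password are assumptions, and the code is meant to be run once from a protected administrative context, never from a public page.

```csharp
// Added example; not code from the Sitecore best-practice document.
using System;
using System.Web.Security;
using Sitecore.Security.Accounts;

namespace MyApp.Admin
{
    public static class ReplaceDefaultAdmin
    {
        // newAdminName must include the domain, e.g. "sitecore\\siteadmin" (assumed value).
        // newAdminPassword is supplied by the caller; never hard-code it.
        public static void Run(string newAdminName, string newAdminPassword)
        {
            if (string.IsNullOrEmpty(newAdminName) || string.IsNullOrEmpty(newAdminPassword))
            {
                throw new ArgumentException("Account name and password are required.");
            }

            // 1. Create the replacement account (idempotent: skip if it already exists).
            if (!User.Exists(newAdminName))
            {
                Membership.CreateUser(newAdminName, newAdminPassword);
            }

            // 2. Grant it administrator privileges through the Sitecore user profile.
            User newAdmin = User.FromName(newAdminName, true);
            if (!newAdmin.Profile.IsAdministrator)
            {
                newAdmin.Profile.IsAdministrator = true;
                newAdmin.Profile.Save();
            }

            // 3. Only now disable the default account. A disabled (unapproved)
            //    membership user cannot log in, which removes the well-known
            //    username from the attack surface.
            MembershipUser defaultAdmin = Membership.GetUser("sitecore\\admin");
            if (defaultAdmin != null && defaultAdmin.IsApproved)
            {
                defaultAdmin.IsApproved = false;
                Membership.UpdateUser(defaultAdmin);
            }
        }
    }
}
```

The ordering is the point: creating and verifying the replacement before touching the default account means a failure partway through leaves the site with at least one administrator, and re-running the routine is safe because every step checks its own precondition.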