Our best practice guide to Sitecore security
When building Sitecore websites, Sitecore security precautions should be in place from the start. This means you don’t experience any nasty problems with your installation down the road. We’ve put together these best practice guidelines to help you minimise any potential risks and maintain a safe and secure Sitecore website.
Sitecore gives you a lot of flexibility and this can lead to complex configurations. During a recent project, we adopted a site that wasn’t encoding data as it should have. By adding a simple setting in the configuration, we made the site less vulnerable.
An application is only as safe as its code. Sitecore is a great foundation for your website. Code should follow coding standards and best practice to provide a “safe house”.
The basic principles any Sitecore development should follow are:
For great Sitecore security, reduce the chance of losing sensitive data. Make sure you secure connections (using HTTPS) to areas that communicate sensitive data.
Typical areas might be:
HTTPS connectivity can be easily configured in Sitecore on a page-by-page basis to keep the relevant pages protected.
In the interest of Sitecore security, it may not be ideal to operate from a single server.
If possible, separate your Sitecore instance into two servers:
This will have Sitecore licensing, hardware cost and Sitecore hosting implications, but there are plenty of advantages. With this setup the authoring environment will remain hidden away. It may only be accessible on your internal network or restricted by IP address.
So in a worst-case scenario, where an attack compromises your website, it wouldn’t affect the master database. The damage would be limited and recovery would be quicker.
Another precaution is using load-balanced servers.
The benefits to this are:
An important part of Sitecore security is managing security permissions.
Here are some tips for setting security permissions in Sitecore:
Give the right people control over publishing the right content at the right time. Start by planning the workflow for content from ‘draft’ to ‘published’. Map a simple content workflow which determines who approves content and how many stages of approval there are. Add roles such as an “author” and an “approver” with the appropriate permissions. You can then assign these roles to different users.
Hopefully you never have disgruntled ex-employees. But it’s still a good idea to keep on top of your active user accounts. Consider introducing a step in your staff exit procedure that makes sure user accounts are disabled. On top of that, a regular review of your active accounts is wise.
Focus on the Sitecore user accounts as a priority. But for general good housekeeping do a wider user account review. We have developed custom functionality for some of our customers to aid this process.
Ask any Sitecore developer and they’ll know the password for the default admin user. So make sure that you either remove the default admin user completely or change the default password.
Consider implementing a requirement for complex passwords. You know the type that seems more like an endurance challenge? Yup, those.
In all seriousness, users are becoming more accustomed to this requirement. A few rules will encourage your users to have stronger passwords. And for Sitecore security best practice, it’s not a bad idea to require a regular password change.
Too many administrators are like too many cooks! Not everyone needs to be an administrator. Instead, create specific site administrator roles which can be configured accordingly.
It is rare that we give our customers full Sitecore administrator privileges. This prevents them from accidentally accessing elements that can disrupt the site, such as changing templates. Overall, this gives them a simpler user experience.