Securing Experience Manager

Abstract

Overview of Sitecore Application roles, Storage roles and indexes with links to vendor best practices.

Apply vendor best practices to all application roles, storage roles, and indexes. The following list of tasks are specific to Sitecore.

Application roles

Note

The XP Single topology technically supports a combined Content Delivery/Content Management role. This combination is not recommended in a production environment.

Secure the Content Delivery role

The following tasks apply to all core roles:

The following additional tasks should be performed on the Content Delivery role:

Secure the Content Management role

The following tasks apply to all core roles:

The following additional task should be performed on the Content Management role:

Secure the Content Publishing role

The following tasks should be performed on the Content Publishing role:

Enable HTTPS for the Content Publishing role

Storage Roles

Web database

No additional Sitecore-specific tasks.

Master database

No additional Sitecore-specific tasks.

Core database

No additional Sitecore-specific tasks.

Private Session State Store

No additional Sitecore-specific tasks.

Shared Session State Store

No additional Sitecore-specific tasks.

Forms database

No additional Sitecore-specific tasks.

Indexes

Web index

No additional Sitecore-specific tasks.

Master index

No additional Sitecore-specific tasks.

Core index

No additional Sitecore-specific tasks.