Separate Content Management and Content Delivery servers

Abstract

Overview of the deployment strategy for production level Sitecore Content Management and Content Delivery servers.

Applies to

Content Delivery, Content Management

Sitecore Installation Framework

Roles are separate in the XP Scaled topology.

Azure Toolkit

Roles are separate in the XP Scaled topology.

As part of a defense in depth strategy, you should aim to reduce the surface area of your deployment.

Sitecore therefore recommends that you deploy separate Content Management (internal only) and Content Delivery (internet facing) servers in a production environment. Furthermore, you should not expose your Content Management environment to the internet.

Important

A combined CD/CM environment is only possible in an XP Single topology that combines all core roles, or a CMS-only setup. Neither setup is recommended in production.

If you have to expose your Content Management environment to the internet, you must:

  • Use HTTPS to secure the Content Management server.

  • Consider using IP Filtering to allow only white-listed clients to connect to the Content Management environment

or

  • Consider using the Dynamic IP Address Restrictions feature that is available in IIS.