Enable and disable an administrative tool

Abstract

How to disable Sitecore administrative tools on production instances.

Applies to

Content Management and Content Delivery.

Sitecore Installation Framework

Most administrative tools are not disabled by default. In Sitecore 9.0.2 and later, SqlShell.aspx is disabled by default.

Azure Toolkit

Most administrative tools are not disabled by default. In Sitecore 9.0.2 and later, SqlShell.aspx is disabled by default.

You can use the Sitecore administrative tools to troubleshoot issues in a production environment, but for security reasons you must:

  • Always disable them as part of the deployment process.

  • Always disable them when you are not using them.

  • Never enable them on the Content Delivery, xDB Reporting, and xDB Processing roles. You can safely delete the administrative tools folder on these roles.

  • Only enable them on Content Management roles that are not exposed to the internet.

The administrative tools are ASPX files with .aspx extensions. You find them in the <webroot>\sitecore\admin\ folder and its subfolders.

Disable an administrative tool

To disable an administrative tool:

  1. In the administrative tools folder, click the tool you want to disable.

  2. Add .disabled to the tools filename. For example, rename cache.aspx to cache.aspx.disabled.

Enable an administrative tool that is disabled by default

To enable the SqlShell.aspx tool:

  1. Go to the administrative tools folder.

  2. Create an empty file named enabled. The SqlShell.aspx tool checks for the presence of this file.

To enable the unlock_admin.aspx tool:

  1. Go to the administrative tools folder.

  2. Open the unlock_admin.aspx file.

  3. Locate the enableUnlockButton property.

  4. Change the value from false to true.

    private bool enableUnlockButton = true;
  5. Save the unlock_admin.aspx file.