Limit access to PhantomJS

Version: 10.1

Applies to

All core roles

Sitecore Installation Framework

PhantomJS is not disabled by default on Content Delivery, xDB Processing, and xDB Reporting roles.

Azure Toolkit

PhantomJS is not disabled by default on Content Delivery, xDB Processing, and xDB Reporting roles.

PhantomJS is a third-party program that ships with Sitecore. It's used by the content testing functionality for generating screenshots of web pages on the Content Management and EXM Dispatch roles, and for generating thumbnails. You can increase the security around PhantomJS by moving the program, limiting its permissions, and disabling it on roles where it isn't needed.

Place PhantomJS outside the webroot folder

PhantomJS is located in the <webroot>\$(dataFolder)\tools\phantomjs\ folder. The $(dataFolder) variable defaults to App_Data, which places PhantomJS in the <webroot>\App_Data\tools\phantomjs\ folder. This can potentially give outsiders access to the phantomjs.exe program file if Sitecore security settings aren't configured properly.

For content testing, Sitecore references PhantomJS through the ContentTesting.PhantomJS.ExecutablePath setting in the <webroot>\App_Config\Sitecore\ContentTesting\Sitecore.ContentTesting.config patch file.

For thumbnail generation, Sitecore references PhantomJS through these settings:

  • PhantomJsExePath references the phantomjs.exe file. The default value is <sitecore data folder>/tools/phantomjs/phantomjs.exe.

  • PhantomJsRenderScriptPath references the render.js file. The default value is <sitecore data folder>/tools/phantomjs/render.js.

Note

For more information on creating patch files, see Use a patch file to customize the Sitecore configuration.

To move the PhantomJS folder:

  1. Move the <webroot>\App_Data\tools\phantomjs\ folder to, for example, C:\phantomjs1\. If you want, you can define two phantomjs folders, for example, phantomjs1 for content testing, and phantomjs2 for thumbnails.

  2. In the <webroot>\App_Config\Include\ folder, create a patch file named, for example, MovePhantomJSFolder.config.

  3. Insert the following configuration:

    RequestResponse
    <configuration xmlns:patch="http://www.sitecore.net/xmlconfig/" xmlns:role="http://www.sitecore.net/xmlconfig/role/" xmlns:security="http://www.sitecore.net/xmlconfig/security/">
        <sitecore>
            <settings>
                <setting name="ContentTesting.PhantomJS.ExecutablePath" value="C:\phantomjs1\phantomjs.exe" />
                <setting name="PhantomJsExePath" value="C:\phantomjs2\phantomjs.exe" />
                <setting name="PhantomJsRenderScriptPath" value="C:\phantomjs2\render.js" />
            </settings>
        </sitecore>
    </configuration>
  4. Save the patch file.

  5. Move the contents from the App_Data folder to the new data folder (for example, D:\SC\Data).

    Important

    The App_Data folder is defined, by default, in the dataFolder variable in the Sitecore.config file.

    If you create a new location for the PhantomJS.exe (for example, C:\PhantomJs ), be sure to move only the files found by default inside the <webroot>\App_Data\tools\phantomjs folder to the new location.

Limit PhantomJS permissions

Because PhantomJS is executed from within Sitecore, it runs with the same permissions as Sitecore. We recommend that you always run Sitecore with the fewest permissions possible and only allow Sitecore access to the necessary files and folders.

Limit access to the PhantomJS folder and program file

We recommend that you limit the Sitecore account to:

  • Read access to the PhantomJS folder

  • Execute permission on the PhantomJS program file

Limit access to the screenshots folder

Sitecore passes PhantomJS a script that is generated by the RenderScripts processor in the getScreenShotForURL pipeline. The script instructs PhantomJS to write screenshots to a specific folder and filename. The folder is specified in the getScreenShotForURL pipeline and defaults to <webroot>\temp\screenshots. The filename is generated by the GenerateFilename processor.

We recommend that you limit the Sitecore account to Read and Write access to the screenshots folder.

Limit access to the cache folder

PhantomJS is configured to cache web resources on disk, and the cache location can be any of the following depending on the Windows version:

  • C:\Ofi Labs\PhantomJS\cache

  • C:\Users\<user>\AppData\Local\Ofi Labs\PhantomJS\cache where <user> is the account under which Sitecore is running.

We recommend that you limit the Sitecore account to Read and Write access to the cache folder.

Alternatively, to disable the disk cache entirely:

  1. Open the \App_Config\Sitecore\ContentTesting\Sitecore.ContentTesting.config file.

  2. Change the ContentTesting.PhantomJS.EnableDiskCache setting to false.

Note

Be aware that disabling the cache makes screenshot generation take longer because all web resources must be retrieved for each screenshot every time.

Disable PhantomJS

PhantomJS isn't needed on the Content Delivery, xDB Processing, and xDB Reporting roles, and you can disable it by patching the getScreenShotForURL pipeline that launches it and removing the program folder.

The getScreenShotForURL pipeline is located in the <webroot>\App_Config\Sitecore\ContentTesting\Sitecore.ContentTesting.config configuration file.

To disable the getScreenShotForURL pipeline and remove the PhantomJS folder:

  1. Go to the <webroot>\App_Config\Include\ folder.

  2. Create a patch file named, for example, DisableGetScreenShotForURLPipeline.config.

  3. Insert the following configuration:

    RequestResponse
    <configuration xmlns:patch="http://www.sitecore.net/xmlconfig/" xmlns:role="http://www.sitecore.net/xmlconfig/role/">
      <sitecore role:require="ContentDelivery or >
        <pipelines>
          <getScreenShotForURL>
            <patch:delete />
          </getScreenShotForURL>
        </pipelines>
      </sitecore>
    </configuration>
  4. Save the patch file.

  5. Go to the <webroot>\$(dataFolder)\tools\ folder.

  6. Remove the phantomjs\ folder including the phantomjs.exe executable file.

Do you have some feedback for us?

If you have suggestions for improving this article,