Security tasks
Version:
This section lists all security hardening and security configuration tasks in no particular order. Each topic includes information about which role is affected.
Refer to the following topics for a list of security tasks organized by role:
Security tasks
Security tasks
- Change the administrator password
- Configure API authentication keys in a scaled environment
- Disable administrative tools
- Disable client RSS feeds
- Disable SQL Server access from XSLT
- Enable client certificate authentication
- Enable FIPS
- Enforce HTTPS for XP service roles
- Enable HTTPS for core roles
- Enable HTTPS for Content Search
- Enforce HTTPS for xConnect Search
- Enforce HTTPS for the xDB Processing service end point
- Enable HTTPS for the Content Publishing role
- Increase login security
- Limit access to .XML, .XSLT, and .MRT files
- Change the hash algorithm for password encryption
- Protect media requests
- Remove header information from responses sent by your website
- Restrict access to the client
- Secure the file upload functionality
- Limit access to PhantomJS
- Secure Sitecore.Services.Client
- Secure the Telerik controls
- IP hashing
- Separate Content Management and Content Delivery servers
- Configure SQL Always Encrypted for the xDB Collection database
If you have suggestions for improving this article, let us know!