Topics

All topics

Web security settings

Sitefinity CMS provides you with a variety of settings to fine-tune security and authentication.

You can configure access over an IP network through LDAP or configure SSL when you have sensitive information, such as login credentials or credit card information, transferred over the network. You can additionally secure cookies and configure authentication expiration.

When working with more than one website in Sitefinity CMS, to avoid logoff from one of the websites to login to the other, you can configure to login with the same credentials to different websites that run on the same localhost. You can also configure when and whether the self-logout dialog is displayed.

This section contains

Configure SSL
Install SSL certificate and configure all or specific pages to require SSL, especially when having sensitive information transferred over the network.
SSL offloading
Secure cookies
Use this procedure to secure cookies for claims and forms authentication.
Enable HTTP Strict Transport Security (HSTS)
Configure HTTP and HTTPS bindings to work simultaneously
Encrypt configurations
HTML sanitization
HTML sanitizer ensures HTML content is safe and avoids cross-site scripting (XSS) attacks while allowing users to contribute with content.
Security and load balancing
Global data processing
Use the global data processing framework to process all data that is sent to the database. Define data processors to track or modify the database entities.
Append nofollow attribute to untrusted links
Append a rel="nofollow" attribute to hyperlinks present in untrusted content. Untrusted content represents comments posted by site visitors.

Want to learn more?

Increase your Sitefinity skills by signing up for our free trainings. Get Sitefinity-certified at Progress Education Community to boost your credentials.

Get started with Integration Hub | Sitefinity Cloud | Sitefinity SaaS

This free lesson teaches administrators, marketers, and other business professionals how to use the Integration hub service to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting yor Sitefinity instance and its sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity .NET Core and leverage its decoupled architecture and new way of coding against the platform.

Was this article helpful?

Yes No

Authentication

Topics

Web security settings

NEW TO SITEFINITY?

Want to learn more?

Tags

Was this article helpful?

Would you like to submit additional feedback?

Next article