In Sitefinity Cloud the application's security is treated with highest priority. Complex mechanisms for securing your project are available on both application and infrastructure level.
Sitefinity has an out-of-the-box Web security module that you can use to configure HTTP security headers, redirect and referrer validation. This way you protect your Sitefinity CMS sites against attacks.
There are various types of attacks that you can prevent – Cross-site scripting (XSS), clickjacking, code injection, stealing or modifying data in transit (man-in-the-middle), content sniffing. HTTP protocol defines headers that all modern browsers understand and use to protect user or site data. Additionally built-in redirect and referrer validation mechanisms add further protection against Open Redirect and Cross-site Request Forgery types of attacks. For more information see Web security module
Sitefinity Cloud adds an extra layer of Infrastructure Security to complement the out of the box security capabilities, provided on a Sitefinity application level. This extra layer of security is implemented utilizing Microsoft Azure services and components.
Dedicated tenant for each customer
Each Sitefinity Cloud customer account is provisioned with a dedicated subscription. This guarantees that your data is contained within your subscription, and no resources are shared between subscriptions.
Access to any App Service, Storage Account, SQL Database, or Redis Cache service is restricted using a firewall whitelist. Users don’t have access to any of the Azure services except for read access to Application Insights and Blob Storage.
Azure Resources connectivity
The connection between the Azure resources for each customer goes through the shared networking in Azure, which means that it does not cross any network boundaries and is encrypted.
The following list provides additional details:
Azure App Service
- Listens on HTTP port 80
- Listens on HTTPS port 443
- All HTTP traffic is redirected to HTTPS
- SSL certificate uses RSA-SHA256 encryption
- Staging environment - IPs provided by customer (usually public IPs of customer on-premises networks)
- Production environment - IP of the Azure Application Gateway (if configured) or any public IP if Azure Application Gateway is not configured.
Azure SQL Database
- SQL Server always enforces encryption (SSL/TLS) for all connections. This ensures all data is encrypted "in transit" between the client and server
- IP of the Azure App Service that connects to that DB
- IP of build machine that executes database backup is temporary added to perform the operation and removed immediately after
Azure Blob Storage
- HTTP traffic is rejected
- HTTPS, or SMB with encryption is required to connect to the storage account
- IPs provided by customer (usually public IPs of customer on-premises networks)
- Listens on HTTPS port 443
- Client-to-service interactions are SSL/TLS capable
Azure Cache for Redis
- Listens on port 6380
- Non-SSL access is disabled
- Minimum TLS version is 1.0
- IP of the Azure App Service that connects to that Redis service
Distributed denial of service (DDoS)
Such attacks represent one of the largest security concerns for customers and vendors alike. A DDoS attack targets an application’s resources, making the application unavailable to legitimate users. Sitefinity Cloud takes advantage of the automatically enabled DDoS protection for the entire Azure platform. Always-on traffic monitoring, and real-time mitigation of common network-level attacks, provide the same defenses utilized by Microsoft’s online services.
Network Traffic Filtering
Security rules that control network traffic to and from the Azure resources that constitute the Sitefinity Cloud environment.
Local Address Requests
Connection attempts to local addresses (e.g. localhost, 127.0.0.1) and the machine's own IP will fail, except if another process in the same sandbox has created a listening socket on the destination port.
Encryption at rest
Web site file content, database backups, and system logs are stored in Azure Storage, which automatically encrypts the content at rest. Index data stored in Azure Search Service is also encrypted at rest.
Database backups and point-in-time restore
The Azure SQL Database service protects all databases with an automated backup system. These backups are retained for 35 days by default and the duration can be extended. Point-in-time restore is a capability, allowing to restore a database from these backups to any point within the retention period. Database restore is performed only after explicit request form the customer.
PII obfuscation upon database backup creation
A mechanism is provided for performing on demand backups of staging and production databases. The backups are meant to be used for development/troubleshooting purposes and the personal identifiable information is obfuscated.
Transparent data encryption for databases
Encrypts your databases, backups, and logs at rest without any changes to your application.
Advanced Data Security (SQL Servers)
Includes Data Discovery & Classification, Vulnerability Assessment and Advanced Threat Protection.
SQL database auditing
Helps maintaining regulatory compliance and gathering insight into any database discrepancies and anomalies.