Sprint Update on January 7, 2022
January 07, 2022
CDN cache invalidation of static resources after deployment
Static resources (e.g. JS, CSS, media assets outside of Sitefinity CMS) will be purged from the CDN after deployment is completed for the given environment.
Ability to add custom post-build tasks for CI
There is a new parameter in the "CICDTemplate.yaml" that allows for defining custom post-build steps in the CI stage. The parameter is of type "stepList" and allows for standard YAML task/step syntax. This parameter can be used in the "CICD.yaml" file to plug custom tasks after the MS build. See an example below for a custom post-build task to run unit tests.
- task: VSTest@2
displayName: 'Test Assemblies'
testRunTitle: 'Default Test Run'
Edge server redirect rules based on custom conditions
Upon customer request the Sitefinity Cloud team can add redirect rules directly on the CDN edge servers that can be based on the following custom conditions.
- URL or URL component (e.g. pathname, query) matches regex
- IP is part of a whitelist or blacklist
- Request header value matches regex
These redirects will be executed before the request reaches the application server and are meant to be used for more specific cases like the following:
- If the request comes from a particular country and is not part of a whitelist of IPs, redirect to a custom page.
- If a request is made to "/Sitefinity/*" on Production and is not part of a whitelist of IPs, redirect to a 404 page.
For all standard redirect rules, IIS redirects should be managed directly in the web.config file by the customer.
Low-level DDoS protection
In addition to the best in class DDoS protection that comes built-in from Cloudflare, Sitefinity Cloud now has additional rate limiting rules that target low-level DDoS attacks. Low-level DDoS attacks can bypass the built-in protection by using low request rate and can target specific more vulnerable parts of an application. The new Sitefinity Cloud rate limiting rules can protect the underlying application against such types of attacks.
- Redis cache memory management is automated to handle memory leak cases and purge the cache when memory exceeds 90% for prolonged periods of time