{"id":3033,"date":"2019-05-07T19:22:16","date_gmt":"2019-05-07T13:52:16","guid":{"rendered":"https:\/\/www.idslogic.com\/blog\/?p=3033"},"modified":"2025-02-27T10:48:02","modified_gmt":"2025-02-27T05:18:02","slug":"how-to-make-sitefinity-backend-more-secure","status":"publish","type":"post","link":"https:\/\/www.idslogic.com\/blog\/how-to-make-sitefinity-backend-more-secure","title":{"rendered":"How to Make Sitefinity Backend More Secure"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">The Sitefinity Backend is accessed by adding \/Sitefinity to the web site URL. Users are then required to provide a valid username and password.<\/span><\/p>\n<p><span style=\"font-size: 18pt; color: #000080;\">In this blog post, we will learn how to add extra layers of security to the Sitefinity CMS backend login page.<\/span><\/p>\n<p><span style=\"color: #008000;\"><strong><span style=\"font-size: 18pt;\">1- Enforce strong passwords for backend users<\/span><\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Here are some very general password guidelines:<\/span><\/p>\n<ol>\n<li><span style=\"font-size: 14pt;\">Passwords should be at least 8 characters long. The longer the better.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Passwords should be mixed-case<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Passwords should contain a mixture of numbers &amp; letters<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Passwords should not use common words<\/span><\/li>\n<\/ol>\n<p><span style=\"font-size: 14pt;\">Password policy settings are controlled at the membership provider level. This enables you to have different policies for the default provider. To navigate to these settings, go to <span style=\"color: #000080;\"><strong>Administration -&gt; Settings -&gt; Advanced -&gt; Security -&gt; Membership Providers<\/strong><\/span>. You will see a list of membership providers. 
Expand the Default membership provider and click on Parameters.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">The Parameters menu presents various options for configuring password policy at the membership provider level. Here\u2019s what it should look like:<\/span><\/p>\n<figure id=\"attachment_3034\" aria-describedby=\"caption-attachment-3034\" style=\"width: 617px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-3034 size-full\" src=\"https:\/\/www.idslogic.com\/blog\/wp-content\/uploads\/2019\/05\/Sitefinity-Parameters.png\" alt=\"\" width=\"617\" height=\"533\" srcset=\"https:\/\/www.idslogic.com\/blog\/wp-content\/uploads\/2019\/05\/Sitefinity-Parameters.png 617w, https:\/\/www.idslogic.com\/blog\/wp-content\/uploads\/2019\/05\/Sitefinity-Parameters-300x259.png 300w, https:\/\/www.idslogic.com\/blog\/wp-content\/uploads\/2019\/05\/Sitefinity-Parameters-560x484.png 560w\" sizes=\"auto, (max-width: 617px) 100vw, 617px\" \/><figcaption id=\"caption-attachment-3034\" class=\"wp-caption-text\">source: progress.com<\/figcaption><\/figure>\n<p><span style=\"font-size: 18pt;\"><span style=\"color: #008080;\">To Design Your Password Strength Policy<\/span><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">Change the <span style=\"color: #000080;\"><strong>minRequiredPasswordLength<\/strong><\/span> \u2013 the default value is 7, and it should be at least 8 characters.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Set the <span style=\"color: #000080;\"><strong>minRequiredNonalphanumericCharacters<\/strong><\/span> to a value higher than 0. Having at least 1 special character in your password drastically reduces the chances of someone brute-forcing it. 
The number you put here determines how many special (non-alphanumeric) characters are required in new users' passwords.<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Optionally, you can configure a <span style=\"color: #000080;\"><strong>passwordStrengthRegularExpression<\/strong><\/span> \u2013 this setting lets you put in a custom regex to enforce password strength.<\/span><\/li>\n<\/ul>\n<hr \/>\n<p><span style=\"font-size: 18pt; color: #008000;\"><strong>2- Allow Only Certain IP Addresses to Access the Backend Login.<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Changes to <a href=\"\/sitefinity-development\/\"><span style=\"color: #ff0000;\">Sitefinity CMS<\/span> <\/a>settings or content are usually carried out by specific users in an organization, and most of the time these changes happen in the organization\u2019s internal network.<\/span><\/p>\n<hr \/>\n<p><span style=\"font-size: 18pt; color: #008000;\"><strong>3- SSL for the Login Page.<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Serving your website under https:\/\/ brings you one step closer to providing a more secure browsing experience to your users. Doing so also earns you a ranking boost from Google as a reward. 
This is because security is a top priority for Google.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Sitefinity CMS provides flexibility when it comes to enforcing SSL. You can configure the backend login page to be served explicitly under https:\/\/. You can also configure different areas of the website to be served under SSL: the entire frontend, the backend, and so on. 
The recommended way to go, though, is to enforce SSL for the entire website.<\/span><\/p>\n<hr \/>\n<p><span style=\"font-size: 18pt; color: #008000;\"><strong>4- Disable the backend UI for frontend nodes<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">This scenario is useful if you have a Sitefinity load-balanced environment and you want to disable the backend on all frontend nodes, but leave it enabled on nodes used for development.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">To disable the backend UI, perform the following:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">Click Administration -&gt; Settings -&gt; Advanced<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Select the <span style=\"color: #000080;\">DisableBackendUI<\/span> checkbox and click <span style=\"color: #000080;\">Save changes<\/span>. This setting changes the file ~<span style=\"color: #000080;\">\/App-Data\/Sitefinity\/Configurations\/SystemConfig.config<\/span> by adding <span style=\"color: #000080;\">disableBackendUI=&quot;True&quot;<\/span><\/span><\/li>\n<li><span style=\"font-size: 14pt;\">To re-enable the backend UI, open <span style=\"color: #000080;\">SystemConfig.config<\/span> and delete <span style=\"color: #000080;\">disableBackendUI=&quot;True&quot;<\/span><\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 14pt; color: #800000;\"><strong>Contributed By:<\/strong><\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Manoj Singh<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Sitefinity Backend is accessed by adding \/Sitefinity to the web site URL. Users are then required to provide a valid username and password. In this blog we will learn how you can add extra layers of security to the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":3035,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[251],"tags":[798,226,284],"class_list":["post-3033","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sitefinity","tag-sitefinity-cms-security","tag-sitefinity-development","tag-sitefinity-development-company"],"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/posts\/3033","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/comments?post=3033"}],"version-history":[{"count":7,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/posts\/3033\/revisions"}],"predecessor-version":[{"id":11173,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/posts\/3033\/revisions\/11173"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/media\/3035"}],"wp:attachment":[{"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/media?parent
=3033"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/categories?post=3033"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.idslogic.com\/blog\/wp-json\/wp\/v2\/tags?post=3033"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}