Content Manager security best practices
This topic describes the best practices concerning security for the Content Manager.
- Username and password
  If somebody wants to get access to your system, the easiest way would be to start with known accounts. Changing the default names at least takes away that possibility. You must therefore always change the default username everywhere.
- Installer log files
  The installers used for installing the SDL Tridion products have logging enabled. This has the unfortunate side-effect that most data entered during setup, including sensitive data such as passwords, ends up in the log files. SDL recommends removing the log files from the server, but keeping them elsewhere for later use when upgrading to a newer version or when obtaining customer support from SDL Tridion.
- LDAP authentication
  When using LDAP authentication in IIS, all passwords must be typed by the users of the system, which means that IIS must be configured for Anonymous authentication. To ensure safe data transport, HTTPS can be used for the Web sites. Likewise, LDAPS can be used for the communication towards the LDAP-accessible server.
- WebDAV and Business Connector
  Both WebDAV Connector and Business Connector (deprecated) can use HTTPS as a protocol to ensure encrypted data transport, including user name and password, to the Content Manager.
- Uploading files
  SDL Tridion enables users to upload files into the Content Manager. This is a multi-step process that needs to write the files into a directory first (the upload directory of the Web site).
  To prevent users from uploading and executing malicious files, the directory settings in IIS should have no execute rights. Also, the Preview directory should have no execute rights, because that directory is used for showing binary files in preview mode. If an executable were able to run in that directory, any user could upload an executable and, by previewing it, run it on the server. Finally, grant write access to the upload folder to the Network Service user, as configured in the Application Pool (called NETWORK SERVICE by default).
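The upload and Preview directory settings described above, as an added PowerShell example that is not part of SDL's own tooling. The site name, the virtual directory names and the physical upload path are assumptions for a default install; adjust them to the actual Web site. Writing the handlers `accessPolicy` at the `MACHINE/WEBROOT/APPHOST` level with `-Location` works even though the handlers section is locked by default.

```powershell
# Assumed names: change to match the actual Content Manager Web site.
$site       = 'SDL Tridion Content Manager'            # assumption
$noExecDirs = @("$site/upload", "$site/Preview")        # assumption
$uploadPath = 'C:\inetpub\wwwroot\Tridion\upload'       # assumption
$appPoolId  = 'NT AUTHORITY\NETWORK SERVICE'            # default app pool identity per the text

Import-Module WebAdministration

foreach ($loc in $noExecDirs) {
    # Weak default: accessPolicy 'Read, Script' lets script handlers run
    # anything uploaded here. Corrected setting: 'Read' only, so the
    # directory can serve files but never execute them.
    Set-WebConfigurationProperty -PSPath 'MACHINE/WEBROOT/APPHOST' `
        -Location $loc -Filter 'system.webServer/handlers' `
        -Name 'accessPolicy' -Value 'Read'

    # Verify: the effective policy for the directory must be exactly 'Read'.
    $policy = (Get-WebConfiguration -PSPath 'MACHINE/WEBROOT/APPHOST' `
        -Location $loc -Filter 'system.webServer/handlers').accessPolicy
    if ("$policy" -ne 'Read') {
        throw "Execute/script access still enabled on '$loc': $policy"
    }
    Write-Host "$loc -> accessPolicy=$policy"
}

# The app pool identity needs write (Modify) access on the upload folder
# only; (OI)(CI) makes the grant inherit to files and subfolders.
icacls $uploadPath /grant "${appPoolId}:(OI)(CI)M" | Out-Null

# Verify the ACL now carries the grant for the app pool identity.
$ace = (Get-Acl $uploadPath).Access |
    Where-Object { $_.IdentityReference -eq $appPoolId -and
                   $_.FileSystemRights -match 'Modify' }
if (-not $ace) { throw "Write access for $appPoolId missing on $uploadPath" }
Write-Host "$uploadPath -> $appPoolId has Modify"
```

Run in an elevated PowerShell on the IIS server; the script stops with an error if either the handler policy or the ACL does not end up in the expected state.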