November Happy Hour will be moved to Thursday December 5th.
AI OnAI Off
Restricting access to EPiServer edit / admin suite
Hi Tim,
What we have done for a few clients (and I know it is a common way to solve this) is to have one publishing server and 3 public servers. On the publishing server you restrict all traffic so only editors from your IP range can access the server. On the public server you remove the edit capabilities (just remove the roles from the web.config or you can also delete login.aspx, util files etc.). And if you want to make it a little more secure you can also stick a firewall between the publishing and public servers, just remember to test cache invalidation.
-Alexander Haneng
Making Waves
Aug 31, 2011 12:30
We have solved it with help of our hardware loadbalancer (we had Netscaler before and now we use Cisco Ace) there we put access rules where /ui/edit/* and /ui/admin/* are prohibited from "external IP" adresses.
Sep 01, 2011 9:54
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
Hi,
I'm looking to restrict access by IP address to the EPiServer edit / admin suite. We have a load balanced environment with 4 front end web servers. I've seen quite a few posts on this subject but everything we've tried doesn't seem to work. Is there a definitive way of restricting access to all EPiServer tools including /secure/, /utils/ etc
Cheers
Tim