Vulnerability in EPiServer.Forms
Looked at Chris Bennett's article 'Server Architecture Options for EPiServer' (http://world.episerver.com/Blogs/Chris-Bennett/Dates/2009/12/Server-Architecture-Options-for-EPiServer/) and we are planning on implementing option 2. Chris talked about the editting interfaces being removed from the internet facing live servers. Which is best approach in doing that, including the admin interface and the EPiServer context menu?
Is there a simple way to reduce the fucntionality and lock down the front end IIS Servers?
This blog post contains instructions on how to remove access to edit/admin and removing context menu on frontend servers: http://paulhoughton.org/blog/disable-episerver-editadmin-secure-paths-on-front-end-servers/