On today post, will discuss on securing Sitecore admin page on live site from anonymous user to access.
But first I will tell you that how anonymous can access Sitecore admin page of any live Site with their basic common sense and smart guess. And then will know how to protect Admin pages to Save business from unknown users.
As a Anonymous user,
How I can know which Web Application developed on Sitecore CMS?
Once knew web Application is on Sitecore, then follow approach of Hit-n-Try, by accessing Admin Page and if you are smart Guy then you may know what next to do.
But please avoid to do this as Anonymous user, Be a Good man. And if you are going to find any Site's admin page accessible as Anonymous user then please let them (Organization) Know.
Now come to the point, that how to avoid of anonymous access Sitecore Admin Pages on Live Site
And we can do this with different approaches by restriction on IP access or location. But here I will mention a very easy way to secure.
By disabling anonymous access in internet information services (IIS) manager
For that follow below steps:
- Open the IIS
- Navigate to the Sites\<Target WebSite>\App_Config folder.
- In Features View, double-click Authentication.
- In the Authentication window, select Anonymous Authentication and in the Actions panel, click Disable.
- Repeat these steps for /sitecore directory.
Please share your comments/Feedback if any.