In the xDB, when you configure servers for different purposes, depending on the role, you may need to disable the Sitecore client. For example, if you configure a content delivery server or processing server it is not necessary to access the client application, so in this case disabling the client is recommended.
To prevent unauthorized access to the Sitecore client interfaces, you need to restrict access on every instance of your content delivery or processing environments.
There are two ways to restrict access to the client:
Implement IP-based security restrictions
To restrict access to client interfaces, you can implement IP-based security restrictions.
The steps you follow to implement IP-based security restrictions vary depending on which operating system you have.
To implement IP-based security restrictions in Windows 7:
- Open the Control Panel.
- In the Control Panel, click Programs.
- Under Programs and Features, click Turn Windows Features on or off.
- In the Windows Features window, select IP Security.
For instructions on how to configure IP-based security restrictions in IIS 7 and later, see http://www.iis.net/ConfigReference/system.webServer/security/ipSecurity.
For instructions on how to configure IP-based security restrictions in IIS 6 and earlier, see http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/128d26dd-decb-42f9-8efb-30724d1a2f29.mspx?mfr=true.
Disable Anonymous IIS access
Another way to restrict access to the client is by disabling Anonymous IIS access to the following folders and files in your Website\sitecore folder:
You can move files from the /sitecore/service folder to sit outside the /sitecore folder, but you must also remember to update the following settings in the
To disable Anonymous IIS access:
- Open Internet Information Services (IIS).
- In IIS, click Features View and then in the Security category, select Authentication.
- In your website folder structure, click, for example, the admin folder.
- To set Anonymous Authentication to Disabled, in the Actions panel, click Disable.