Unofficial Sitecore 8 Training Webinar Series – Session 6

Agenda for the sixth Unofficial Sitecore training session Customizations Pipelines & Processors What is a pipeline? What is a processor? Existing Pipelines in Sitecore Implement custom functionality in a pipeline Demo on customizing httpRequestBegin pipeline (participants are encouraged to follow along with the demo on their machines) Can I create my own pipeline? Events & Commands Customizing […]

Read More

Unofficial Sitecore 8 Training Webinar Series – Session 5

Agenda – Presented by Michael West Introduction to Sitecore PowerShell Extensions Intro to SPE No Coding Required Nuts & Bolts Advanced Capabilities Out of the Box Bundled Tools Audit Reports Meat & Potatoes Windows PowerShell for Beginners Console and ISE Scripts, Libraries, and Modules Integration Points Remoting Setup Remote Code Execution Best Practices Video Please register for […]

Read More

How can you help the Stack Exchange Beta site for Sitecore

A month ago Mark Cassidy took the initiative to start a Stack Exchange beta site. In doing so we got the community together and got them to commit to the cause. The community rose to the occasion was were quickly in beta. It was the fastest path to beta and other users were questioning how […]

Read More

Microsoft Extensions Dependency Injection (DI) with Sitecore 8.2 Sample Project

Sitecore 8.2 was released with Microsoft Dependency Injection. I wanted to try to setup a sample project which utilizes the DI. First and foremost, I thank Kam for writing the ServiceCollectionExtensions and making my life easier. As with everything we start with a fresh install of Sitecore 8.2 (sc82rev160729). Following which setup a base visual studio project. […]

Read More

IoC Container Benchmark comparison 2016 including Microsoft.Extensions.DependencyInjection

As most of you know, my favorite is SimpleInjector. I use it in all my projects. Since Sitecore 8.2 was released yesterday (August 30th 2016), I decided to do a performance benchmark against Microsoft Extensions DependencyInjection which is used as part of Sitecore to provide DependencyInjection. Kam has written a blog post: Dependency Injection in […]

Read More

Secure Sitecore : Secure Headers XSS Protection

We have been going through XSS vulnerability in the past two posts. I am going to end this series with one last post about Secure Headers. We will go through a few headers that we can implement. Environment testing was done on two Windows 10 machines with Sitecore 8.1 update 3. Browsers use were Chrome (), Firefox […]

Read More

Secure Sitecore : Cross Site Scripting (XSS) Vulnerability Prevention

In the last Cross Site Scripting (XSS) post: Secure Sitecore : Cross Site Scripting (XSS) Vulnerability Findings , we looked at how these attacks might look based on the browser the user is using. The interesting factor is that a potential attacker might not use a browser at all. You do not need a browser to […]

Read More

Secure Sitecore : Cross Site Scripting (XSS) Vulnerability Findings

Lately I have been focussed on OWASP Top 10 security guidelines and locking down sites. The next one on the list is Cross Site Scripting (XSS). According to OWASP: Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when […]

Read More

Secure Sitecore : Headers are a headache but nothing we cannot solve!

Lately I have been focussed on OWASP Top 10 security guidelines and locking down sites. The next one on the list is Response Headers. For reach page request, the server sends over the headers containing information about the server and ASP.NET. Some call it chatty headers and less we send back the better it is […]

Read More

Secure Sitecore : Why use a custom 500 error page?

Enable custom errors to restrict users from seeing sensitive information such as the paths, stack trace and .NET version information. A potential hacker can get a lot of information on your environment just by looking at the default error page. There are several things you could do to secure your Sitecore instance, namely the Sitecore […]

Read More