Area: Episerver Customer-Centric DXP

User interface security

Recommended reading 

This topic discusses security considerations related to unauthorized access to the editing and administration user interfaces of Episerver CMS, when running the Episerver Customer-Centric Digital Experience Platform (DXP).


Episerver provides easy access for multiple editors to work in a collaborative manner with content across sites, using devices of their choice. This may raise concerns about unauthorized access to the editing and administration interfaces of Episerver CMS. 

Security and privacy are built into the Episerver platform and the Azure cloud services that is based on the Episerver DXP. Any feature that Episerver develops must meet the highest quality standards, including security measures. See Security.

Consider the following  additional precautions to prevent unauthorized access:

  • Ensure that the connection is secure; use an SSL server test tool to verify.
  • Use federated authorization to a trusted authority to secure editor identities. 
  • Use a Web Application Firewall (WAF) to protect against threats such as DDOS.
  • Run penetration tests regularly, using a web security scanning tool.

Related topics

Do you find this information helpful? Please log in to provide feedback.

Last updated: Apr 02, 2020

Recommended reading