HomeDev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

User Interface Security

Describes security considerations related to unauthorized access to the editing and administration user interfaces of Optimizely Content Management System (CMS) when running the Optimizely Digital Experience Platform (DXP).

Optimizely provides easy access for multiple editors to work collaboratively with content across sites, using devices of their choice. This may raise concerns about unauthorized access to the editing and administration interfaces of Optimizely CMS.

Security and privacy are built into the Optimizely platform, and the Azure cloud services are based on the Optimizely DXP. Any feature that Optimizely develops must meet the highest quality standards, including security measures. See Security.

Consider the following  additional precautions to prevent unauthorized access:

  • Ensure that the connection is secure; use an SSL server test tool to verify.
  • Use federated authorization to a trusted authority to secure editor identities.
  • Use a Web Application Firewall (WAF) to protect against threats such as DDOS.
  • Run penetration tests regularly using a web security scanning tool.