As per the Whitehat Security report it says there is a vulnerability on Host or X-Forwarded-Host request headers on our site build using Kentico and hosted in AzureHow are we preventing this type o...

Hi,I have a group of users assigned to Role X. I would like only one specific folder within the content tree to be visible to these users. Quickest way to achieve this?I can restrict them from all ...

There is an application developed using Kentico 10 and hosted in Azure.We recently install azure application gateway for this particular site,In this site there is a function to add and view items ...

Hello, all - I'm hoping that you can help me figure out how to do something - -and I'm hoping I won't hear that we've munged up our security paradigm.On this site, only authenticated users are allo...

Hi Everybody,I have some questions about the security options of the staging application (Kentico 10).I setup the permissions for a role according to kentico documentation, so that the user can syn...

Hi GuysI have a form in my site, and the user can upload the supported document using fileupload. I want to store the file in media library, it should be secured and it can be accessible by the sub...

If you’re using Kentico in Azure, then you probably have seen a lot of options in your portal for your SQL database. Azure SQL Database, Microsoft’s SaaS database option, is a fantastic tool that gives you nearly unlimited SQL computing power and capability. But what about all those security options and performance recommendations if shows you? In this article, I’m going to cover a few of the key features of Azure’s SQL Database to help you get the most out of cloud-hosted Kentico sites.

We have a repeater that pulls File documents on a page. However some of the documents should not be available to certain users, so they are set to Deny for that User Role. However, they are still g...

Macros have long been a friend to any Kentico developer. Whether it’s one of many built-in methods or a custom one, these little code blocks can be powerhouses when it comes to developing your applications. One of their best aspects is their ability to be contextual, based on the user that inserted it.  While this very powerful, using macros between instances often resulted in broken or invalid macros, when it came to security. In Kentico 11, we’ve solved that challenge with macro identities.

I'm getting the following error several dozen times per hour: The CSRF cookie was missing.The error occurs on my production server only, not any of the development environments. This leads me to be...