Security

The security model of Episerver makes certain that only authorized users can edit, publish or view content of any kind. Interoperability with other systems are ensured using standard Microsoft security and authentication frameworks.

Episerver is designed to meet high standards regarding security features, following established security guidelines such as those defined by OWASP (Open Web Application Security Project). The platform offers advanced possibilities to manage authorization and authentication in a distributed multi-site content management environment.

  • Authentication based on the ASP.NET framework for role, membership and profile providers.
  • Integrate providers for Active Directory and Windows, as well as any customized provider.
  • Create user groups and roles, and define access rights for specific content types and languages.
  • Allow different editor groups to edit information on different sections of the website.
  • Apply access rights to selected visitor groups, displaying targeted content to these.
  • Define virtual roles that will return access rights based on custom evaluation rules.
  • Supports SSL (Secure Sockets Layer) for data encryption.
  • Anti-forgery supported and built-in to the editorial user interface.
  • Built-in change log making it possible to track changes to content.

Find out more

Developer Guide

User Guide