Skip to main content

Building a Scaled Sitecore XP Environment: Networking and Port Strategy

When configuring a Sitecore production environment on VMs (on-prem or cloud), it’s critical to define and open only the necessary network ports between the servers to ensure secure and functional communication between the roles (CM, CD, Solr, SQL, Redis, Identity, etc.).

Below is a breakdown of recommended ports that should be opened between VMs in a scaled Sitecore XP 10.x environment:

🔐 Core Port Recommendations

Source VM                         Target VM                                 Port(s)                 Protocol                    Purpose                                        
CM, CD SQL Server 1433 TCP Sitecore databases
CM, CD Solr 8983 TCP Content Search indexing/querying
CM, CD Redis 6379 TCP Session state caching
CM Identity Server 443 HTTPS Identity authentication
Identity Server CM 443 HTTPS Post-login redirect
CD CM 443 HTTPS Publishing service (if accessed via CM)
Publishing CM CD 443 HTTPS Publishing targets
CM, CD xConnect 443 HTTPS Tracker and analytics
xConnect SQL Server 1433 TCP xDB Collection & Reference databases
CM, CD Reporting DB 1433 TCP Analytics, reports
CM Marketing Automation 443 HTTPS Automation plans, contacts
CM Email Experience Manager (EXM) 443 HTTPS Campaign sending
CM, CD Content Delivery (internal APIs) 443 HTTPS If CD hosts GraphQL / APIs for FE apps
CM CD 443 HTTPS Publishing target access

🧱 Infrastructure-Level Access (Optional)

Source                                 Target                     Port                             Purpose                                    
Admin Workstation All VMs 5985/5986 WinRM / PowerShell remoting
DevOps Agent All VMs 22 / 445 / 5986 Deployments via SSH/WinRM
CM/CD SMTP server 25 / 587 Sending emails (EXM)

📌 Frontend & Public Access

Client (Browser)                 Target             Port             Purpose
Public users CD 443 Site access
Content authors CM 443 Sitecore admin interface

🔍 Notes & Best Practices

  • Use host-based firewalls (Windows Defender Firewall or NSGs in Azure) to restrict traffic between servers.

  • Prefer HTTPS for all internal communications when possible.

  • Secure Redis with a password if exposed across machines.

  • Consider using certificates for xConnect, Solr, and Identity (self-signed or domain CA).

  • Avoid opening SQL or Solr to the public internet.

Labels:

Comments

Post a Comment

POPULAR POSTS

Sitecore PowerShell Script to create all language versions for an item from en version

  We have lots of media items and our business wants to copy the data from en version of media item to all other language versions defined in System/Languages. This ensures that media is available in all the languages. So, we created the below powershell script to achieve the same -  #Get all language versions defined in System/Languages $languages = Get-ChildItem /sitecore/System/Languages -recurse | Select $_.name | Where-Object {$_.name -ne "en"} | Select Name #Ensuring correct items are updated by comparing the template ID  $items = Get-ChildItem -Path "/sitecore/media library/MyProjects" -Recurse | Where-Object {'<media item template id>' -contains $_.TemplateID} #Bulk update context to improve performance New-UsingBlock (New-Object Sitecore.Data.BulkUpdateContext) { foreach($item in $items){    foreach($language in $languages){ $languageVersion = Get-Item -Path $item.Paths.Path -Language $language.Name #Check if language versi...
Post a Comment
Read more

Export Sitecore media library files to zip using SPE

If you ever require to export Sitecore media files to zip (may be to optimize them), SPE (Sitecore Powershell Extension) has probably the easiest way to do this for you. It's as easy as the below 3 steps -  1. Right click on your folder (icons folder in snap)>Click on Scripts> Click on Download 2. SPE will start zipping all the media files placed within this folder. 3. Once zipping is done, you will see the Download option in the next screen. Click Download Zip containing the media files within is available on your local machine. You can play around with the images now. Hope this helps!! Like and Share ;)
Post a Comment
Read more

Make Sitecore instance faster using Roslyn Compiler

When we install the Sitecore instance on local, the first load is slow. After each code deploy also, it takes a while for the Sitecore instance to load and experience editor to come up. For us, the load time for Sitecore instance on local machines was around 4 minutes. We started looking for ways to minimize it and found that if we update our Web.config to use Roslyn compiler and include the relevant Nugets into the project, our load times will improve. We followed the simple steps - Go to the Project you wish to add the NuGet package and right click the project and click 'Manage NuGet Packages'. Make sure your 'Package Source' is set to nuget.org and go to the 'Browse' Tab and search Microsoft.CodeDom.Providers.DotNetCompilerPlatform. Install whichever version you desire, make sure you note which version you installed. You can learn more about it  here . After installation, deploy your project, make sure the Microsoft.CodeDom.Providers.DotNetCompilerPlatform.d...
1 comment
Read more

Experience of a first time Sitecore MVP

The Journey I have been working in Sitecore for almost 10 years now. When I was a beginner in Sitecore, I was highly impressed by the incredible community support. In fact, my initial Sitecore learning path was entirely based on community written blogs on Sitecore. During a discussion with my then technology lead Neeraj Gulia , he proposed the idea that I should start giving back to developer community whenever I get chance. Just like I have been helped by many developers via online blogs, stackoverflow etc., I should also try to help others. Fast forward a few years and I met  Nehemiah Jeyakumar  (now an MVP). He had a big archive of his technical notes in the form Sitecore blogs. I realized my first blog dont have to be perfect and it can be as simple as notes to a specific problem for reference in future. That's when I probably created my first blog post on Sitecore. At that time, I didn't knew about the Sitecore MVP program. Over the years, I gained more confidence to writ...
2 comments
Read more

Clean Coding Principles in CSharp

A code shall be easy to read and understand. In this post, I am outlining basic principles  about clean coding after researching through expert recommended books, trainings and based on my experience. A common example to start with is a variable declaration like - int i  The above statement did not clarify the purpose of variable i. However,  the same variable can be declared as -  int pageNumber The moment we declared the variable as int pageNumber, our brain realized that the variable is going to store the value for number of pages. We have set the context in our brain now and it is ready to understand what the code is going to do next with these page numbers. This is one of the basic advantages of clean coding. Reasons for clean coding -  • Reading clean code is easier - Every code is revisited after certain amount of time either by the same or different developer who created it. In both the cases, if the code is unclean, its difficult to understand and u...
Post a Comment
Read more