This post has been migrated from www.experimentsincode.com, we apologise if some of the images or content is missing
Installation Guide Update for Sitecore CMS 5.3.x and 6.0 (Security Hardening) We have discovered a missing security setting description in the Installation Guide for Sitecore 5.3.x and 6.0 regarding the ‘rest.aspx’ file. These pages have been updated: Page 17 In the Authentication Methods dialog box, ensure that the Anonymous access check box is not checked. Repeat this procedure for the following folders and files: /sitecore/admin /sitecore/debug /sitecore/rest.aspx. Page 28 Disable anonymous access to /sitecore/rest.aspx file Make sure you have disabled anonymous access to the /sitecore/rest.aspx file. For details, see Section 3.5, Configuring the IIS. Page 46 Make sure you have disabled anonymous access to the /sitecore/rest.aspx file. For details, see Section 3.5, Configuring the IIS.I am a little annoyed that they calmed they had missed the security description but on the plus side hopefully more Sitecore sites will become secure and that they have finally notified users; even if it was 2 months after I informed them of the original problem.