Skip to content

Instantly share code, notes, and snippets.


Grant Killian grant-killian

View GitHub Profile
View SitecoreSecurityPatch.SC2019-001-302938.ps1
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
Import-Module WebAdministration
$url = ""
$tempLocation = "C:\tempLocation"
$zippedPatch = "$tempLocation\"
$unzippedPatch = "$tempLocation\SitecoreSupportPackage"
$sitecoreRoot = "C:\InetPub\Your\Sitecore\Website"
if (!(Test-Path $tempLocation))
grant-killian / UpdateIdentityServerHashAlgorithm.ps1
Last active Jan 2, 2019
Update Sitecore's Identity Server to use a more robust hash algorithm for .Net membership. See for more context.
View UpdateIdentityServerHashAlgorithm.ps1
$siteNamePrompt = Read-Host "enter Identity Server website name"
$site = get-website -name $siteNamePrompt
$appSettingsPath = "{0}\wwwroot\appsettings.json" -f $site.physicalPath
<# replace:
grant-killian /
Last active Dec 17, 2018
I discuss this at Essentially, there are 3 main locations to update the sc.publishing.xml file to support additional publishing targets. This sample illustrates the 3 (under Publishing/ConnectionStrings, under Services/DefaultConnectionFactory/Op…
<?xml version="1.0" encoding="UTF-8"?>
<!-- Add any additional publishing targets you may use (first location for changes to this file) -->
grant-killian / ArtifactTableRetentionPatch.config
Last active Dec 10, 2018
For tuning data retention rules (beware of the alpha order in which .config files are processed)
View ArtifactTableRetentionPatch.config
<?xml version="1.0" encoding="utf-8" ?>
<configuration xmlns:patch="" xmlns:xdt="">
<agent type="Sitecore.Tasks.CleanupEventQueue, Sitecore.Kernel">
<patch:delete />
<agent type="Sitecore.Tasks.CleanupEventQueue, Sitecore.Kernel" method="Run" interval="01:00:00">
View ConfigureSitecoreCommerceJSON.ps1
Author: Grant Killian
Created Date: Sept 1, 2017
Ease the human-error potential in step 3 and 4 covered at
For repetitive installs, it's a pattern that can be used to update a site name etc, too. Here I focus on the SQL Server and Sitecore credentials but other settings could be updated too (just be certain you have the right pattern to match/replace).
$dbServer ="your db server" #for Azure SQL, something like ",1433" is what you'd use
$dbuser ="SQLuser"
$dbpwd = "secret"
View SecureSitecoreConnectionStrings.ps1
- The encyption is specific to each server, so this needs to be run separately on every IIS server
- ASPNet_RegIIS requires a web.config file to operate, so we have to massage our Sitecore .config into a web.config format it will understand
1) Copy current Connectionstrings.config to a file named "web.config"
2) insert <configuration> node surrounding the <connectionStrings> XML
3) run this new web.config file through aspNet_RegIIS...
grant-killian / ResetSitecorePassword.aspx
Last active May 5, 2017
Example of how we would reset the sitecore\admin password after changing the Membership hash algorithm
View ResetSitecorePassword.aspx
<%@ Page Language="C#" AutoEventWireup="true" %>
<script runat="server">
protected void Page_Load(object sender, EventArgs e)
MembershipUser user = Membership.GetUser(@"sitecore\admin", false);
grant-killian / gist:c734e7287f7c27182182ed9d17d29730
Last active Nov 11, 2016
Sitecore perf counter installation
View gist:c734e7287f7c27182182ed9d17d29730
$zipFileURI = ""
$stageFolder = "C:\staging"
if( !(test-path $stageFolder) )
mkdir $stageFolder
$downLoadZipPath = $stageFolder + "/"
Invoke-WebRequest -Uri $zipFileURI -OutFile $downLoadZipPath
View Rackspace9stepSitecoreSecurityHardening.ps1
Author(s): Bruce Lee, Grant Killian, Kelly Rusk, Jimmy Rudley
Created Date: August 4, 2016
Modified Date: May 3, 2017
This is the Rackspace Managed Services for Sitecore ( script for security hardening a Sitecore environment
If the Execution Policy does not allow execution, you may need to run the following interactively to allow a scoped session bypass.
This is secure as it requires interaction on server and cannot be executed from a script:
grant-killian / Rackspace.SecurityHardening.Step8.ProtectMediaRequests.config
Last active Aug 5, 2016
Set Media.RequestProtection.SharedSecret in the App_Config/Include/Sitecore.Media.RequestProtection.config file. This ensures a unique key to your implementation, instead of using the common OOTB key provided by the Sitecore installation. Be sure to use the *same* key for all the Sitecore servers in the solution!
View Rackspace.SecurityHardening.Step8.ProtectMediaRequests.config
<configuration xmlns:patch="">
<setting name="Media.RequestProtection.SharedSecret">
<patch:attribute name="value">your-implementation-custom-guid-here</patch:attribute>