See How Sitefinity Cloud Works

Sitefinity Cloud is a managed Platform-as-a-Service (PaaS) that enables system integrators, digital agencies and end users to develop, run and manage Sitefinity-powered digital experiences.

Sitefinity Cloud provides scalable enterprise infrastructure optimally configured for security and performance. It is designed to meet customer needs based on their expected traffic (number of page views).

Unlike SaaS products like Gmail, where customers can only use/configure the look, feel and specific features, Sitefinity Cloud provides greater flexibility without the overhead associated with the complexity of building and maintaining infrastructure.

The Sitefinity Cloud Team handles availability, performance and security, as well as the CI/CD processes and application management tools for Sitefinity. The only responsibility customers/partners have left is to develop and maintain their application code.

Learn more or download Sitefinity Cloud Solution Overview

Yes - Sitefinity Cloud leverages an autoscaling infrastructure and delivers up to 1,200 page views per second, exceeding performance requirements for today’s digital economy.

Yes - Moving your on-premises, or third party hosted site to Sitefinity Cloud is easy. Check out the Sitefinity Cloud requirements and the How To Move Your CMS to the Cloud guide.

Sitefinity Cloud has a permission that allows only specified users to promote content to the Production environment. Additional permissions are included in Sitefinity CMS.

Visit SupportLink to log the case and select Sitefinity Cloud as the product.

Sitefinity Cloud includes SSL certificate and SSL encryption. In addition, Sitefinity Cloud includes Web Application Firewall and DDoS mitigation.

In case of downtime or security incidents, an On-Duty engineer from Progress will acknowledge the issue within 15 minutes and start troubleshooting. Progress will open a ticket on behalf of the customer where detailed information will be provided every 20 minutes until the issue is resolved. If the downtime issue is caused by custom code deployed by the customer, Progress will assist with identifying the issue and provide suggestions for the fix.

Sitefinity Cloud is SOC2-certified and HIPAA-compliant. The platform provides built-in tools and workflows that enable organizations to address GDPR and HIPAA requirements and other data privacy laws.  

SOC2 and HIPAA-compliance reports can be downloaded from the Progress Security Center.

Sitefinity helps safeguard Personally Identifiable Information (PII) and Protected Health Information (PHI) by utilizing field mapping, PII/PHI removal workflows and data obfuscation during database restore to a non-production environment to help organizations maintain compliance and ensure personal and data privacy.

The Sitefinity Cloud documentation summarizes the regulatory certifications that Progress Software has been awarded as a company and the ones that Progress Sitefinity Cloud complies with as a product.

What is SOC2?

SOC 2 is an independent audit report that provides detailed information and assurance of the security, availability, integrity, confidentiality and privacy controls an organization has implemented in its products and internal workflows.

What is HIPAA

HIPAA is a federal law that requires the creation of standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

The locations where Sitefinity Cloud can be provisioned are listed in the tables below:

Progress employees don't have any access to the services included in the customer's Sitefinity Cloud account. In cases of emergency that require troubleshooting, the customer can provide Progress explicit consent to access particular services of their tenant.

Progress Software is committed to providing 99.9% uptime of production websites on Sitefinity Cloud.

Yes. An automated process runs daily checks for updates and executes a step-by-step upgrade routine. You're duly notified via email and have full control over when to merge and promote the upgrade.

All of the Azure services that Sitefinity Cloud leverages are within an Azure subscription which is owned and managed by Progress.

Sitefinity Cloud uses Page views and API calls quota as two of the key differentiators between tiers.

Refer to the Sitefinity Cloud tiers page for up-to-date information on the current usage guidelines

Any request that receives a response with Content-Type: text/html or text/htm is counted as a Page view.

Any request that receives a response with Content-Type: application/json or application/xml is counted as API Call.

Any request receiving a response with Content-Type: text/html or text/htm will be counted as a Page View in Sitefinity Cloud.

As part of the platform, we provide WAF and Bot protection. The latest provides capabilities for blocking certain traffic identified as potentially dangerous.

Google Analytics acquires user data from each website visitor using page tags. A JavaScript page tag is inserted into the code of each page. This tag runs in the web browser of each visitor, collecting data and sending it to one of Google's data collection servers. It relies on cookies and so Google Analytics cannot collect data for users who have disabled them. In Google Analytics 4 properties, traffic from known bots and spiders are automatically excluded.

There are clear differences in how page views are counted and filtered in the two systems which could lead to deviations in the final page views.

You can track usage and resource utilization in the Sitefinity Cloud dashboard. Monthly usage reports contain a summary of your Sitefinity Cloud usage including the number of page views and API calls.

Sitefinity Cloud tiers share the same core capabilities and infrastructure across the entire product line. Customers with elevated requirements can upgrade to any Sitefinity Cloud tier or purchase available add-ons by contacting their account manager.

Direct access to Cloudflare is not allowed. However, the Sitefinity Cloud team can apply custom configurations upon request. Sitefinity Cloud customers who have purchased the Advanced Security Add-on have access to all HTTP and WAF logs from Cloudflare in Azure.

 Sitefinity Cloud leverages a custom-developed Cloudflare worker function that supports customizable edge rules.

 Custom rules meeting the following criteria can be added directly to the CDN edge:

• URL or URL component (e.g., pathname, query) matches a regex
• IP is part of a safelist or blocklist
• Request header value matches a regex
• Response status code matches a regex
  

These rules can be used to configure the following actions:

• Redirect
• Rewrite
• Transform the URL (e.g., replace all occurrences of '+' with '-')
• Set custom response headers
• Set custom response cookies
• Customize CDN cache (e.g., bypass the cache or set mandatory cache duration)
• Use custom origin