EPiServer Operator's Guide - EPiServer World

8 | EPiServer Operator's Guidehas placed in the output cache. That is to say that the cache will be reloaded the next time a page is accessed. Iftemplates contain data that vary over time, e.g. a server-generated clock, you must state how long the page canbe cached as HTML, so that the information, in this case the time, will not be incorrect.Set EPnCachePolicyTimeout in web.config to activate output cache. This states how many seconds a cachingis valid. To achieve the best performance, you should have, on average, more than one hit per unique pageduring the period of time (EPnCachePolicyTimeout). Otherwise it is just an unnecessary load for the server, asthe cached variant will probably never be read. The recommended setting is at least 3600 seconds or 1 hour.The output cache varies based on the Web browser type and the page ID. These values can, however, becustomised in EPsCacheVaryByCustom and EPsCacheVaryByParams. If an installation has, for example, aquery string parameter "print" that controls how the page is adapted for printout, EPsCacheVaryByParams mustbe changed to "id,print".User CacheInformation concerning the roles that a user belongs to, along with personalized information, is read when a userlogs on. This data is cached, so that the information does not need to be re-read for each new page viewing. Userinformation that is not read for 5 minutes is removed from the cache. The length of this period of time can bechanged in web.config via the EPnUserCacheTimeout setting. If this value is changed to "0", the cache will beturned off. This may be useful for troubleshooting, but is not recommended for operation. The main advantage ofthis cache, from a performance point of view, is obtained when the group membership is read from ActiveDirectory, or another external source that requires more resources than a local database lookup.Shared HostingShared hosting is when several EPiServer installations or other ASP.NET applications are operated for severalcustomers on the same server.Roles and UsersIn order to cut down on administration, we recommend that each installation/site only has one superuser accountcreated in Windows, and that the customers themselves set up EPiServer users for editors and administrators.The superuser account can then be used for, e.g. FTP access.The disadvantage of using Windows users, and therefore Windows groups, for role membership is that theseapply to the entire server and all sites. That is to say that if two sites use the same groups or roles by mistake, theusers can access each other's sites. If you use EPiServer users and EPiServer groups, these will only work persite.A simple rule of thumb is that, in a hotel environment, the standard groups WebEditors and WebAdmins shouldnever exist in the Windows account database. If the general groups exist, you cannot add users to them. Onlyoperators, for example, who need to access several sites can add users.It is possible to remove the Write access rights for the ASP.NET account and only allow the superuser account towrite to the web.config file. This will result in only the superuser account being able to save new Systemsettings and not common EPiServer users.Limitations in Windows 2000ASP.NET uses a general account that the ASP.NET processes run under. This cannot be changed per site inWindows 2000. This causes a security problem, as a site could, code-wise, be able to access information fromanother site. Unfortunately there is no good solution for this, as it depends on Windows 2000 architecture.Copyright © ElektroPost Stockholm AB - www.episerver.com