When you want to deploy Kentico on a remote live server, you must first determine the level of trust the ASP.NET application has on the server. This is important because the medium trust environment has limitations and requires additional configuration tasks.
We strongly recommend that you develop and host your websites on servers withenvironment.
Medium trust environment is considered obsolete by Microsoft and will be abandoned in one of the following versions of Kentico. You can find more information on isolating applications on servers using application pools in this article: ASP.NET Partial Trust does not guarantee application isolation.
Limitations of medium trust environment
The following features of Kentico do not work in medium trust environment:
- Integration with LinkedIn
- Integration with Google+
- Integration with OpenID
- Integration with WIF (Claims-based authentication)
- Health monitoring
- Recording application events in the Windows
- Storing virtual objects in the file system
- Bounced e-mails detection. A special permission is required.
- Session can be stored only using the InProc state server.
- Import functionality is limited. If the application is restarted during the import process due to a large number of files, the process does not continue but starts from the beginning.
Installing and deploying a project to a live server
When you need to deploy Kentico to a shared hosting server, install Kentico on the server and then deploy your website to the installation. These procedures are similar for both medium and full trust environment.
Installing Kentico on a live server
To install Kentico on a remote server with medium trust or full trust:
- Run the Kentico Installer on your local development computer.
- Check the license agreement and select the Custom installation option.
- Switch to the Installation type tab.
- Select the Prepare for installation on a remote server.
- Choose a folder for the project files (for example, C:\Temp\Kentico).
- The files will be only copied to this location.
- Select the .NET Framework version of the remote server.
- Click Install.
- The Installer copies the project files to the specified folder.
[Medium trust] Edit the project's web.config file and change the sessionState mode from StateServer to InProc (only if you plan to deploy your project to a server with medium trust):
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424" sqlConnectionString="data source=127.0.0.1;Trusted_Connection=yes" cookieless="false" timeout="20" />
- Copy the web project files from your local folder (C:\Temp\Kentico) to the root of the website using FTP.
- If you want to use a sub-folder, create a new virtual directory.
Kentico is now installed on your remote server. Continue to the next section to deploy a website to the server.
Deploying a website to a live server
After you have installed Kentico on a live server, you can deploy an already developed website to the installation.
- Open the Sites application on your local development computer and click Export site ( ) next to the site to be exported.
- Enter the name of the export package and click OK.
- The site will be exported to the <web project>\CMSSiteUtils\Export folder.
- Copy the exported package into the <web project>\CMSSiteUtils\Import folder on the live server.
Open a web browser and navigate to the /default.aspx page of your live server.
The Database Setup wizard starts up.
- Go through the wizard and create a new Kentico database on your live server.
- At the end of the process, you may be asked to update your web.config file manually – please follow the instructions on the screen.
- At the end of the Database Setup Wizard, choose to import your existing Kentico website (from the previously exported package).
The system imports the existing website. If you have deployed your project to a server with medium trust, continue to the next section for further configuration.
After you have imported the website, you may need to adjust its configuration:
- Open the Sites application. Edit the website and make sure the website domain and domain aliases are configured correctly for the production domain(s).
- Open the Settings application and make sure your site settings contain correct values, especially the SMTP server value in the System -> E-mails section.
- Open the Sites application. Click Open live site ( ) next to your new site and make sure the website is displayed correctly.
Running the website in a medium trust environment
Once you've installed the website, the system should work under a medium trust level properly. Restart your IIS to apply the configuration changes and run the website.
If your website uses any third-party components that do not support a medium trust level by default, you may need to configure the system for them. In this case, please contact their author to get the information on how to perform the configuration required to run in a medium trust environment.
Configuring components for the medium trust environment
The .NET Framework provides a batch of predefined code access security policies, categorized into several trust levels, which determine the permissions available for applications running on the given machine.
The medium trust level was used by web hosting providers on shared servers to prevent applications from accessing certain resources that could be harmful to other websites running on the server. Kentico can be used with the default medium trust policy. The following component requires higher than medium trust and must be considered in this situation.
Bounced e-mail monitoring
This section is only relevant if you wish to use the bounced e-mails feature of the Newsletters application in a medium trust environment.
To be able to check bounced e-mails, Newsletters make use of a component that creates outgoing network connections using POP3, a standard e‑mail protocol for receiving maildrops from an e-mail server. This component requires the SocketPermission for its operation, otherwise it fails when attempting to connect to the server. This permission is denied for applications under medium trust.
If you cannot raise the trust level or create a custom security policy that includes this permission, the only solution is to attempt to convince the hosting providers to grant the SocketPermission to your application. If you are unable to do so, the bounced e‑mail monitoring feature will unfortunately not be functional in a medium trust environment.