No matches found
Try choosing different filters or resetting your filter selections.
Security and Sharing
-
Secure HTTPS Connections Are Enforced in Experience Cloud Sites and Salesforce Sites
Settings that enforce HTTPS connections or upgrade HTTP requests were enabled and removed because they’re required and enforced by default. These changes apply to all sites, regardless of whether they’re served on a custom domain. We recommend that you allow HSTS preloading registration for custom domains that host content through your sites, which adds protection by removing the opportunity for attacks during HTTP redirections. -
Protect Customers During the Login Process
Protect your customers after they successfully log in to your Experience Cloud site with Embedded Login by blocking redirects to unknown URLs. -
Protect Experience Cloud Users by Verifying Email Address Changes
To protect user accounts against security threats, Salesforce now automatically enables the Require email confirmations for email address changes setting. With this setting enabled, Experience Cloud site users must verify their email address changes.