Andrew Connell’s white paper on Configuring and Deploying Anonymous Publishing Sites for SharePoint Server 2007 just went up on MSDN.

The following are my thoughts in detail.  For the most part – I agree with the views presented in the white paper, and I believe the white paper covered at a glance many of the crucial aspects of anonymous publishing.

Some of these points I wanted to further elaborate and explain some of my own experiences and/or approaches that I’ve found to work better.

Limiting the Page Payload

Fiddler is great.  FireFox’s FireBug also serves a similar purpose.  You want to try to reduce the number of files that are sent across.  Reducing CSS, core.js, core.css will go a long way to reduce the page payload.

I’ve found HttpModule to be far better at stripping core.js, core.css and much of the unused form hidden fields from the output.  Need a lot of testing though.

In addition – check out YSlow FireFox add-in.  Which discusses issues such as E-Tags not being set properly in IIS – you might as well turn it off and let browsers determine file base on modified date / size.

Managing the Name ActiveX Control

This is related to my earlier blog SharePoint – Name ActiveX Control error.  I discussed the circumstances on why this ActiveX control is appearing, what does it do, and why does it only give you grief when running in the Internet Zone on IE.

While the Mossman Way works – I prefer using a HttpModule.

Anyway – I thought if Person Name Smart Tag and Presence Settings is switched off via Central Administration this would have gone away (mentioned later in the white paper).  UPDATE - tested this doesn't work - while the setting is off it still asks for the Active-X

Taking Advantage of Custom CAS Policies for Custom Code

Use CAS policies so you can keep to WSS_Minimal.

Many of our assemblies are deployed in the GAC which runs in full trust.  The reason we put them in the GAC is more a decision related to solution package deployment, and not from a security point of view.

Configuring a SharePoint Site Collection or Site

Blocking Users from Seeing All Pages in a SharePoint Publishing Site

ViewFormPagesLockdown is absolutely necessary.  I’m so glad it’s mentioned in this white paper.

Enabling and Configuring Caching

page output caching and object caching are mentioned – both are very useful.  Page Output caching for the anonymous profile is necessary to achieve high performance from a public site.  Remember to switch on the comment so you can catch caching issues from your staging and production servers.

blob caching is not mentioned – I’m not sure the reasons, but I’ve found it to be useful but I have seen the blob cache rendering and cropping only half of the CSS file that I have.  Is that a SharePoint bug?  Hard to say.  I found some blog articles that asked the same questions – blob caching is one of those supposedly-low-risk-high-gain performance configurations that you can do, but I ended up with only use blob caching with sufficient testing.

Configuring a SharePoint Web Application

Disabling User Presence Information

Just echoing this – I think this should stop the ActiveX presence “name.dll” appearing on IE when you stop this.

UPDATE - tested this doesn't work - while the setting is off it still asks for the Active-X

Disabling the Blog API

Disabling Incoming E-Mail

Separating Content Between Authoring and Production Environments

I noticed I stopped commenting much towards the end of the article.  It was good to see publishing content deployment being discussed at the end - great article.

This error pops up on SharePoint MOSS publishing websites that are in the Internet security zone for IE browsers.

This is because the core.js file wants to use ActiveX control “name.dll”, this ActiveX control is responsible for the presence information for SharePoint.

In the Internet security zone, IE pops this question to the user to ask them whether they want the ActiveX to run.

In development

For developers, if you have accidentally clicked “Yes Allow it to run”, then you won’t see this error and it can hinder your debugging of your public SharePoint site.

This is a RegEdit fix to get rid of this key to see name.dlll ActiveX warning in IE again.

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05}

I have been told that some server machines doesn’t seem to have this key.

UPDATE try: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05}

Fix

1. MS has a KB article that shows you a broken way of fixing this.  It doesn’t work.
2. We’ve found two other ways that are slightly better, one way is to override the JavaScript function that calls this – you have to be careful of the timing of which events are called first.
3. The other way is to implement a HTTP output module to strip the reference to core.js from the output stream.  This can only be done safely for anonymous users, as core.js contains required JavaScript that is necessary for content editing.

This is a simple tip

So the list template stuffed up a list and you can’t get to it in “site library and lists”

The backdoor way to remove the list is:

stsadm -o forcedeletelist -url http://server/Lists/list-name

http://technet.microsoft.com/en-us/library/cc262609.aspx