Web and HTTP

The Web & HTTP settings let you control how your solution handles Web & HTTP-related events.

Using the Web & HTTP settings you can:

  • Upgrade or downgrade your Dynamicweb solution
  • Configure host headers
  • Configure the WebDAV service
  • Control if and how your solution should generate SEO-friendly customized URLs for your content
  • Create and manage virtual direct paths
  • Configure the form and SQL inject security settings
  • Configure the Cookie Manager
  • Configure your HTTP Compression settings
  • Set a global CDN provider

Most of these options are administrator only – so if you need any changes, please contact your administrator before you contact support.

Provided that you have Administrator access, the Manage Versions area (Figure 2.1) allows you to upgrade (or downgrade) your Dynamicweb solution.

To access the Manage Version area go to Settings > Web and Http and click the Manage Versions node.

Figure 2.1 Upgrading and downgrading your solution

To change version:

  • Click Change version in the toolbar to open the Change version window
  • Select the version you want to change to
  • Click Ok

Your solution will now upgrade (or downgrade) to the selected version. Please note that the solution will restart and you will be logged off.

If you have administrator access, you have access to the Host Headers settings (Figure 3.1). They allow you to create and configure multiple host headers for your solution directly on the IIS.

Figure 3.1 Host headers

To create a new host header:

  • Click Add in the toolbar
  • Specify a host name, and optionally an IP address and a port to use (port 80 is default)
  • Click OK to add the host header to the list

Once you’ve added the host headers you need, click Save and apply to save the host headers to the IIS. Please note that your solution will restart and you will be logged off.

On special characters

Dynamicweb automatically detects the IIS version you are running on and converts to/from punycode as needed.

Older versions may receive a ‘Operation failed’ error when trying to save a hos header using spaces or special characters.

Customized URLs in Dynamicweb depend on the 404-handler on your IIS server, so if you experience problems please ensure that it is configured correctly

Dynamicweb has a number of ways of handling search friendly URLs for pages.

A normal page in the frontend has a URL like /Default.aspx?ID=123, which shows the page with ID 123.

The Customized URLs function replaces the standard URLs with more SEO-friendly versions – so /Default.aspx?ID=123 becomes /Products for instance – and you can to a large degree control how.

You can:

  • Select an URL- type for regular pages
  • Select an URL-type for any non-regular pages you use, e.g. Ecommerce products & groups, item types, News-articles, etc.

Here’s how to do both.


To select a custom URL type for regular pages, simply select the desired type on the radio button list (Figure 5.1).

Figure 5.1 Customized URLs for regular pages

You can use either Standard only or location and page name.

If you select Location and page name you can:

  • Select Place all pages in root to leave out any information about page structure in URLs. This means that www.mydomain.com/page/subpage will be displayed as www.mydomain.com/subpage
  • Handle language layers:
    • If you select don’t show the language layer is not shown in the URL
    • If you select include language layer the language layer name will be included in the URL
    • If you select use ISO code from regional settings the regional ISO code will be used (e.g. en-GB)

By default, the Dynamicweb URL handler will ensure unique URL extensions by adding a number to URLS with the same extension, e.g. /home-1 and /home-2. If you have a unique domain for each website on your solution, you can check ensure unique paths for each area to disable this behavior, as the URL handler will take the full domain name into consideration when creating URLs and not only the extension. If you group by master website language layers will belong to the same URL index as the master website – should be combined with a language layer setting to ensure unique URLs.

Chances are you will be using more than regular pages on your solution, and to generate custom URLs for those you must configure the various add-in settings (Figure 6.1).

Figure 6.1 Customized URLs for non-page content

You can customize how URLs are generated for:

  • Ecommerce products and groups
  • Item types published by the Item Publisher, provided that you have activated Customized URLs in the item-type settings. If item is a paragraph item the name is taken from the paragraph name, and if item is a page item the name is taken from the page name, unless Use in URL has been checked in the page properties settings
  • News articles (from the News module)
  • Manufacturers
  • Forum categories

The Customized URL settings (Figure 7.1) give you further control over how your custom URLs are generated.

Figure 7.1 Customized URL settings

You can:

  • Use customized URLs for internal links
  • Activate normalization of non-standard latin characters - please note that this will conflict with the SEO Express recommendations
  • Check Forward to link (301 Moved Permanently) to use 301 forwarding to redirect users and search engines to the new URL. This may prevent a loss of Google page ranking.

The Ecommerce customized URL settings (Figure 8.1) allow you to further control how custom URLs for Ecommerce content works.

Figure 8.1 Customized URLs Ecommerce settings

You can:

  • Check Use strict URL recognition to always return a 404 page if the path to a group, product, variant etc. is not 100% correct. If unchecked and incorrect URL may return e.g. a product from another group.
  • If your Ecommerce contains pages with different URLs but identical content, such as /productlist.aspx and /productlist.aspx?sort=price, you can check canonical links in meta to make the most basic URL canonical and prevent content from being indexed as separate pages by search engines
  • Check 404 for products not in website shop and 404 for products not in website language to return 404-pages when users try and access products outside the shop/language context. Will also return 404 for products not in the right group context.
  • Check include product ID in product URL to activate that behavior

The customized URL meta settings (Figure 9.1) let you control meta behavior.

Figure 9.1 Customized URLs meta settings

You can check Use noindex, nofollow for *.dynamicweb.* URLs to tell search engines NOT to index or follow links to Dynamicweb.dk domains. If disabled on *.net.dynamicweb.dk solutions, you will still get a <meta name="robots" content="noindex,nofollow"> in the page source on your *.net.dynamicweb.dk addresses. This is intended behavior. Dynamicweb cannot have pages indexed ending with .dynamicweb.dk or any other Dynamicweb domain, as it breaks SEO for our own Dynamicweb page. You need to buy a domain for your solution.

If your Ecommerce contains pages with different URLs but identical content, such as /productlist.aspx and /productlist.aspx?sort=price, you can check canonical links in meta to make the most basic URL canonical and prevent content from being indexed as separate pages by search engines.

The Security settings (Figure 10.1) lets you control various security settings related to your solution.

Figure 10.1 The Security settings

You can:

  • Activate antispam functionality for form submission and creating/editing users using the extranet module – this will create hidden input fields, which will be filled by bots and used to filter out spam. You can then:
    • Enter an email address to send a copy of the filtered forms to (this can be useful for debugging)
    • Define a seconds before post limit, which will cause forms submitted before that limit to be spam
    • Define a submits from same IP limit, which will cause submissions to be flagged as spam
    • Disable extended checks which will disable the seconds limit and the IP submission limit entirely
  • Restrict access for support users, which removed angel access for our support staff. They may throw a hissy-fit if you then need support. Use with extreme caution.
  • Completely disable Dynamicweb’s built-in security measures against SQL injections. We strongly advise against this. Use at your own risk. You can also disable the security measures for specific fields only using the ignore the following fields list.

When the SQL injection check is active, injection attempts will result in a 15 minute IP ban of the injection source. The IPs will be listed in \Files\System\_BannedIps.txt. Delete the file to lift any active bans. Only SQL injection attempts will return in IP bans – other forms of attack, such as cross scripting attempts, will only result in 404 on subsequent tries.

You can also specify one or more emails to notify when an SQL injection attack is detected.

In the EU, all websites must explicitly provide users with the opportunity to refuse the use of cookies. This means that you are required to obtain consent from each visitor before storing or accessing information in a cookie.

Dynamicweb ships with a Cookie Manager tool, which can help you comply with EU legislation - read more here.

With the HTTP Compression settings (Figure 12.1), you can choose between GZip and Deflate compression. You may also select None.

You can also check Minify HTML to remove unnecessary whitespace from your HTML code.

Figure 12.1 The HTTP Compression settings

The Settings section (Figure 12.2) let you:

  • Check do not add base href to disable adding the base href meta tag to pages from this solution
  • Disable port number in base href and Cart redirects
    Some types of customized URLs add a tag to the head section of pages in frontend - and when running SSL, this tag has a port number added to it. In some hosting environments, SSL http requests are translated by a firewall, in which case the base href tag is needed without a port number. 
  • Disable performance comments in the source html of all rendered pages
  • Add a last modified header to the HTTP response - this can be used by some browsers to control content cache invalidation
  • Disable browser cache of web content
Figure 12.2 The Settings settings

With the Image Handler settings ( Figure 12.3), you can control for how long the output cache from the Image Handler tool should be saved (in hours) - default is set to 168 hours (one week).

Figure 12.3 The Image Handler settings

With the SMTP settings (Figure 13.1), you can configure your mail server.

Figure 13.1 The SMTP settings

To set up the mail server:

  • Enter the mail server address - you can add more than one using ";" as a separator (e.g. smtp.yourdomain.dk;mail.yourdomain.dk)
  • Enter a port number - the default smtp port is 25
  • Enter the user name and password to the smtp server
  • Check SSL to use SSL Encryption

Check Do not use SMTP pickup directory to bypass the pickup directory on your mail server. This should be set when both a username and password has been specified in the other settings.

You can use the Test Mail Settings button to verify that SMTP is working correctly. You can also use two test settings:

  • Save all emails to disk saves all emails to /Files/System/Log/EmailHandler/. This will of course slow down performance very considerably, due to a synclock in the savinf process.
  • Enable test mode will forward all emails sent from the solution to the address specified in Forward emails to field.


Content Delivery Network is a network of servers - usually located at various sites around the world - that deliver cached static content from websites, such as images, CSS and JavaScript files.

Using the CDN settings in the management center (Figure 14.1), you can configure a global CDN network, which can then be inherited or overwritten in the website settings for each of your websites, as appropriate.

Figure 14.1 Global CDN settings

If your website uses the HTTPS protocol the CDN host should also use the HTTPS protocol.

Static resources placed under /Files will not be replaced.