Loading
Extend Salesforce with Clicks, Not Code
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Create and Edit Salesforce Sites

            You are here:

            1. Salesforce Help
            2. Docs
            3. Extend Salesforce with Clicks, Not Code

            Create and Edit Salesforce Sites

            After you enable Salesforce Sites, create a Salesforce Site. Or, update an existing site.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: Developer, Enterprise, Performance, and Unlimited Editions
            User Permissions Needed
            To create and edit Salesforce Sites:

            Customize Application

            OR

            Create and Set Up Experiences
            Note
            Note You define custom URLs from Domain Management in Setup.
            1. From Setup, enter Sites in the Quick Find box, and select Sites.
            2. Click New, or click Edit to modify an existing site.
            3. On the Site Edit page, configure the following settings.
              Note
              Note Site Label, Site Name, Site Contact, and Active Site Home Page are required fields.
              Field Description
              Site Label The name of the site as it appears in the user interface.
              Site Name The name used when referencing the site in the SOAP API. This name can contain only underscores and alphanumeric characters, and must be unique in your org. It must begin with a letter, not include spaces, not end with an underscore, and not contain two consecutive underscores.
              Site Description An optional description of the site.
              Site Contact The user who receives site-related communications from the site’s visitors and Salesforce.
              Default Record Owner The user who owns all new records that unauthenticated guest users create. For considerations, especially when updating sites created before Summer ’20, see Best Practices and Considerations for Using the Guest Record Default Owner in Salesforce Help.
              Default Web Address The unique Salesforce Site URL for this site. Salesforce Sites provide the first part of the URL based on the domain name that you registered. You must add a unique site name to the end. Unless you configure a custom address through a domain name registrar, this URL is the one that the public uses to access your site.
              Active Select when you’re ready to make your site available to the public. You can also activate your site from the Sites and Site Details pages. When the site is inactive, users see the page specified in the Inactive Site Home Page field.
              Active Site Home Page

              The landing page that users are directed to when this site is active. Use the lookup field to find and select the Visualforce page that you developed for your site’s home page. Choose the UnderConstruction page if you want to test your site.

              For ideas sites, you must use the IdeasHome page. For answers sites, use the AnswersHome page. If you don’t use a site template, your site inherits its look and feel from its associated portal.

              If you deployed a site before the Summer ’10 release, you can set AnswersHome as your default landing page if you create a Visualforce page using <apex:page action="{!URLFOR('/answers/answersHome.apexp')}"/>.
              Inactive Site Home Page The landing page that users are directed to when this site is inactive. Use the lookup field to find the page that you want to use. You can, for example, select a page to indicate that the site is under construction or down for maintenance.
              Site Template

              The template that provides the page layout and style sheet for your site. The site template overrides the formatting inherited from the associated portal. Use the lookup field to find a template that you’ve developed, or use the provided template.

              The site template specified here is used only for Visualforce pages using the $Site.Template expression.
              Site Robots.txt

              A file that determines which parts of your public site that web spiders and other web robots can access. Search engines often use web robots to categorize and archive websites. HTML tags are not allowed because they are not compatible with robots.txt spiders. For Visualforce pages, add contentType="text/plain" to the <apex:page> tag.

              This example disallows all robots from indexing all pages.

              <apex:page contentType="text/plain">
    User-agent: *  # Applies to all robots
    Disallow: /    # Disallow indexing of all pages
    </apex:page>

              This example allows all robots to index all pages.

              <apex:page contentType="text/plain">
            User-agent: *  # Applies to all robots
            Disallow:      # Allow indexing of all pages
            </apex:page>
              Site Favorite Icon The icon that appears in the browser’s address field when visiting the site. Use this field to set the favorite icon for your entire site instead of for each page. Due to caching, changes are reflected on your site one day after you make them.
              Analytics Tracking Code The tracking code associated with your site. Services such as Google Analytics can use this code to track page request data for your site.
              URL Rewriter Class An Apex class to use for rewriting URLs for your site, from Salesforce URLs to user-friendly URLs. With this class, you can make rules to rewrite site URL requests typed into the address bar, launched from bookmarks, or linked from external websites. You can also create rules to rewrite the URLs for links within site pages.
              Enable Feeds The option that displays the Syndication Feeds related list, where you can create and manage syndication feeds for users on your public sites. This field is visible only if you have the feature enabled for your organization.
              Clickjack Protection Level

              You can set the clickjack protection for a site to one of these levels:

              • Allow framing by any page (no protection): The least secure level.
              • Allow framing of site pages on external domains (good protection): Allows framing of your site pages by pages on external domains that are added to the Trusted Domains for Inline Frames list.
              • Allow framing by the same origin only (recommended): The default level for sites. Allows framing of site pages by pages with the same domain name and protocol security.
              • Don’t allow framing by any page (most protection): The most secure level, but it can cause certain pages to appear as blank pages. To avoid this issue, use the default setting instead.

              If you select Allow framing of site or community pages on external domains (good protection), select Add Domain in the Trusted Domains for Inline Frames section, enter the domain you want to allow iframes on, and select Save.
              Lightning Features for Guest Users

              Determines whether unauthenticated guest users can view features available only in Lightning. If this setting is disabled, Lightning features don’t load for those users.

              If you disable this setting in a Lightning site, unauthenticated users can’t access any Lightning pages, including Login pages, Error pages, and surveys. Replace those pages with custom Visualforce pages before you disable this setting.
              Enable Content Sniffing Protection Prevents the browser from inferring the MIME type from the document content. It also prevents malicious files from being executed as dynamic content (JavaScript, style sheet).
              Enable Browser Cross-Site Scripting Protection Protects against reflected cross-site scripting attacks. When a reflected cross-site scripting attack is detected, the browser renders a blank page with no content.
              Referrer URL Protection When loading pages, the referrer header shows only Salesforce.com rather than the entire URL. This feature eliminates the potential for a referrer header to reveal sensitive information that could be present in a full URL, such as an org ID. This feature is supported only for Chrome and Firefox.
              Allow only required cookies for this site The option to only allow required Salesforce-supplied cookies within a Salesforce Site. When this setting is turned off, we allow all cookie types: required, functional, and advertising.
              Redirect to custom domain

              If an HTTPS custom domain, such as https://www.example.com, serves this site, redirects requests from the site’s system-managed URLs to that custom domain. System-managed site URLs end in *.force.com, *.my.salesforce-sites.com, or *.my.site.com.

              If multiple custom domains serve this site, requests are routed to the site’s primary custom URL only if it’s an HTTPS custom domain. Otherwise, requests are redirected to the first HTTPS custom domain associated with this site, in alphanumeric order. If no HTTPS custom domain serves this site, this option has no effect.
              Cache public Visualforce pages When this option is enabled, proxy servers cache the sites’ publicly available pages only for unauthenticated guest users. When this setting is disabled, all of this site’s Visualforce pages can be cached in the web browser for both authenticated and unauthenticated users, and each Visualforce page’s cache attribute controls whether the page is cached in the end user's web browser. For more information, see Configure Site Caching.
              Guest Access to the Support API When this option is enabled for a Salesforce site or Experience Cloud site, unauthenticated users are allowed to access the Support API.
            4. Click Save.

            See Also

             
            Loading
            Salesforce Help | Article