Sitecore Hosting: Infrastructure Decision Framework Guide for Sitecore on Azure

This framework guides you through the critical decisions required to design and optimize your Sitecore infrastructure on Azure. It covers everything from hosting and scaling to security and disaster recovery, ensuring your platform is built for performance, scalability and long-term success.

1. Sitecore Hosting Model Selection

Question: Where will Sitecore be hosted?

Options:

• IaaS (Infrastructure as a Service)
  • Microsoft Azure virtual machines
• PaaS (Platform as a Service)
  • Azure App Service (preferred for scalability and ease of management)
  • Azure Kubernetes Service
• Fully Managed Service
  • Azure Partner Managed Instances
  • Sitecore Managed Cloud
  • Dataweavers Fusion for Sitecore

Recommendation: Use Azure App Service, delivered as a fully managed service for most production environments due to better cost efficiency, scalability and ease of management.

2. Topology Design 

Question: Which Sitecore topology best fits your environment?

Options:

• XP/XM Scaled Topology
  • Roles split across distinct compute resources
  • Ideal for production environments with high traffic or complex personalization needs
• XP/XM Single Topology
  • Consolidates roles onto shared resources
  • Best suited for development, testing or small-scale deployments

Key Considerations:

• Projected traffic volume
• Personalization and analytics requirements
• Infrastructure complexity and scalability

3. Redundancy & High Availability (HA) Strategy

Question: How will you ensure uptime and resilience?

Options:

• Single Region Redundancy (Basic HA)
  • Use Azure Availability Zones for in-region redundancy
  • Minimum of 3 instances for app services
  • Use Azure SQL Database in the Business-Critical tier for regional failover
• Geo-Redundancy (Advanced HA)
  • Deploy app services across at least two Azure regions
  • Set up Azure Front Door with70/30 or 50/50 traffic split  
  • Enable SQL Active Geo-Replication for critical databases
  • Configure failover groups for seamless disaster recovery

Recommendation: Geo-redundancy is essential for global deployments and mission-critical environments.

4. Scaling

Question: How will Sitecore scale to meet user demand?

Options:

• Automatic Scaling (Recommended)
  • Configure Azure App Service Autoscaling based on:
    • CPU usage
    • Memory consumption
    • HTTP request volume
• Enable Scheduled Scaling for anticipated traffic spikes (e.g., during marketing campaigns)
• Set up Instance Warm-Up to ensure performance during scaling events

5. Security Configuration

Question: How will the infrastructure be secured?

Layers of Security:

• Network Security
  • Azure Private Endpoints for secure resource-to-resource communication
  • Virtual Network (VNet) Isolation to separate critical resources
  • Network Security Groups (NSGs) for fine-grained control of inbound and outbound traffic
• Identity & Access Management
  • Integrate Azure Entra ID (formerly Azure Active Directory) for centralized access control
  • Apply Role-Based Access Control (RBAC) to limit access based on team roles
  • Enable Single Sign-On (SSO) across Sitecore environments
• Web Protection
  • Enable Azure Front Door security features:
    • Web Application Firewall (WAF) with custom rules tailored for Sitecore
    • Bot Protection to defend against scraping and credential-stuffing attacks
    • Azure DDoS Protection for high-traffic attack mitigation

• Use a CDN layer with proxy capabilities, such as Cloudflare, for additional DDoS protection, advanced bot detection and custom WAF configurations

6. Search Solution

Question: What search solution will your platform use?

Options:

• Apache Solr (Required for Sitecore XP 10+)
  • Self-hosted or fully managed options:
    • Dataweavers Solr Hosting
    • SearchStax
• Non-Solr Search Alternatives
  • Sitecore Search – Cloud-native search optimized for personalization
  • Coveo – AI-powered search with recommendations and personalization

7. Monitoring, Backup & Disaster Recovery

Question: How will you ensure reliability and protect against data loss?

Monitoring & Logging:

• Set up Azure Monitor to track infrastructure health
• Use Application Insights for tracking performance metrics and troubleshooting errors
• Configure custom alerts for spikes in CPU usage, memory, or traffic

Backup & Disaster Recovery:

• Enable Point-in-Time Restore (PITR) for SQL backups
• Configure Geo-Redundant Storage (GRS) for long-term backup retention
• Regularly test failover systems to minimize recovery time during outages

8. Cost Optimization

Question: How will you manage costs effectively without sacrificing performance?

Strategies:

• Use Azure Reserved Instances for long-term, predictable workloads
• Monitor real-time usage through Azure Cost Management
• Set autoscaling policies to minimize unnecessary resource usage during off-peak periods
• Apply Azure Hybrid Benefit for licensing savings (where applicable)

The best time to re-look at your infrastructure and hosting is when you are looking to upgrade your Sitecore ecosystem.

Ready to optimize your Sitecore hosting? Get the full framework and build a fast, secure, and scalable platform on Azure by getting in touch with Dataweavers today!

Let's chat!