Sitecore Page Rules For Access Verification

Our client is legally required to verify the age of individuals accessing their site. I recently came across a post by Marek about using a rules engine to handle this on a page-by-page basis, rather than through the HttpRequest pipeline. The solution provided by Marek's Post seems ideal for a multi-site setup.

The access verification process is straightforward: a verified cookie is checked, and if it exists, the user is granted access to the site. If the cookie does not exist, the user is redirected to the Age Gate, where their age is verified based on their date of birth input.

With Sitecore Page Rules, you can easily bypass the Age Gate for pages such as the privacy policy, cookie policy, or terms and conditions. Implementing a rules engine also allows you to tailor the access verification or other processes to fit your specific needs.

Source code is very similar to Marek's code with few differences for MVC approach, which are detailed below.

Pipeline patched after "...RequestBegin.StartTracking" in "zzz.Foundation.PageRules.config":

RunPageRules extends RequestBeginProcessor:

Content editor has checkbox for age gate (easier for editors to disable age gate), as well as rules field. Below is an example rule for Age Gate rule. Worth to note Javascript handles age check, cookie assignment and redirect to requested page. Age Gate Rule Set Editor

Sitecore Rules Conditions and Actions Elements

"Where in Live Mode" Condition, ensures we are not in experience editor/preview etc:

"and except where the device is bot" is Sitecore built in rule under "Device", so device detection should be enabled for this rule to work.

"and where Age Gate is enabled", simply checks value of checkbox on item

"and except where the agegate_cookie cookie exists" checks if cookie with given name already exists. Ideally there should be also added an expiration check, if no session cookie used:

"redirect user to age gate Age Gate" action let's us pick Sitecore item where we should redirect to. "dest" query string is used to redirect to requested page after verification:


  1. Marek's Post
  2. Code Companion on Github
  3. Sitecore Rule Set Editor