Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Aem Publish - block access to a path

Avatar

Level 3

Good morning,

 

on Publish machines without working on the Dispatchers is it possible to block access to a path both logged in and logged out?

I would like to block the following paths:

 

- /crx/explorer/browser/index.jsp

- /crx/explorer/index.jsp

- /crx/explorer/ui/search.jsp

- /system/sling/info.sessionInfo.txt

- /crx/explorer/ui/namespace_editor.jsp

-/bin/wcm/search/gql.json?query=...

 

Thanks

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @robertol6836527 have you tried to block the given paths using the Apache Sling Referrer filter configuration? 

example - 

  1. Go to the AEM publish instance's Felix Console (http://<publish-instance-host>:<port>/system/console/configMgr)

  2. Search for "Apache Sling Referrer Filter"

  3. Click on the "Apache Sling Referrer Filter" configuration

  4. In the "Allowed Referrers" field, add the following value: -^(?!.*(crx/explorer/browser/index.jsp)).*$

  5. Click on "Save"

 

View solution in original post

2 Replies

Avatar

Level 4

/crx/explorer is shipped with AEM as part of the jar so it's there is no Sling configuration associated with it. You may need to go to /system/console/bundles, search "Adobe Granite CRX Explorer" and stop the bundle. For other paths, you can go to /system/console/configMgr, search "Apache Sling Authentication Service", for instance, add "-/system/slinginfo.sessionInfo.txt" to the "Authentication Requirements" field, save it. That should be able to stop anonymous access to the path.

Avatar

Correct answer by
Community Advisor

Hi @robertol6836527 have you tried to block the given paths using the Apache Sling Referrer filter configuration? 

example - 

  1. Go to the AEM publish instance's Felix Console (http://<publish-instance-host>:<port>/system/console/configMgr)

  2. Search for "Apache Sling Referrer Filter"

  3. Click on the "Apache Sling Referrer Filter" configuration

  4. In the "Allowed Referrers" field, add the following value: -^(?!.*(crx/explorer/browser/index.jsp)).*$

  5. Click on "Save"