AEM Security Vulnerability (Bypassing CDN and Dispatcher)

Hello All,

We have pretty strong Dispatcher and CDN blockers restricting only required URLs. What we noticed is that once we identify a valid content path for a site, it's pretty easy to bypass the CDN and Dispatcher, eventually increasing the CPU utilization. If it's a planned dynamic IP flood of HTTP requests with valid URLs, all such requests will reach AEM (example scenario given below).

Home Page - /content/site/country/language/home.html

Vulnerable URL - /content/site/country/language/home123.html (any number of such URLs can be formed and triggered from simple hacking tools)

Has anyone come across such a use case? I feel it's pretty much a key vulnerability.

The recommendation from the Core Engg team was to limit requests coming through the CDN to a specific amount and increase AEM infra.

Please share your thoughts.

Thanks

Abdul

0 Replies
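
For the scenario described in the post, a per-IP rate limit sees only one or two requests per client, so a detection has to group by content directory instead. The sketch below is an added example, not part of the original post or any Adobe tooling; the access-log layout, the assumption that the non-existent pages come back as 404, the thresholds and the function names are all illustrative assumptions.

```python
import re
from collections import defaultdict
from posixpath import dirname

# Assumed Apache common-log layout on the Dispatcher web tier.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_miss_floods(lines, min_paths=5, min_ips=3):
    """Return {parent_dir: (distinct_404_paths, distinct_ips)} for
    /content directories hit by many different non-existent pages
    from many different clients (thresholds are assumptions)."""
    paths, ips = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE.match(line)
        if not m or m["status"] != "404":
            continue
        path = m["path"].split("?", 1)[0]   # ignore query strings
        if not path.startswith("/content/"):
            continue
        parent = dirname(path)              # siblings share one parent
        paths[parent].add(path)
        ips[parent].add(m["ip"])
    return {
        d: (len(paths[d]), len(ips[d]))
        for d in paths
        if len(paths[d]) >= min_paths and len(ips[d]) >= min_ips
    }

def _line(ip, path, status):
    # Helper that builds one constructed log line for the sample below.
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 512'

BASE = "/content/site/country/language"
# Constructed sample: one real page view, one ordinary typo 404, and
# eight made-up sibling pages requested from eight different addresses.
SAMPLE = [
    _line("198.51.100.7", f"{BASE}/home.html", 200),
    _line("198.51.100.7", f"{BASE}/products/abuot.html", 404),
] + [_line(f"203.0.113.{i}", f"{BASE}/home{i}.html", 404) for i in range(1, 9)]

if __name__ == "__main__":
    for directory, (n_paths, n_ips) in find_miss_floods(SAMPLE).items():
        print(f"{directory}: {n_paths} distinct 404 paths from {n_ips} IPs")
```

Directories flagged this way are candidates for a CDN or Dispatcher rule scoped to that path prefix rather than to a client address.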