Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Blacklist and whitelist filters

JakeCham
Level 4
Level 4

Hi , 

from where in AEM i can check Blacklist and whitelist filter setting configurations?

I have checked "AEM web console Sling Health check" and /system/console/configMgr/com.adobe.cq.deserfw.impl.DeserializationFirewallImpl.But i was unable to find desired results in there.

1 Accepted Solution
Umesh_Thakur
Correct answer by
Community Advisor
Community Advisor

I think the settings you are looking for that does not comes by default with general server installation, so you are not able to find it in the configMgr.

Please click on the below links to get some info on it.

https://docs.adobe.com/content/help/en/experience-manager-65/administering/security/mitigating-seria...

hope this will help.

Regards

Umesh Thakur

View solution in original post

5 Replies
Jineet_Vora
Level 4
Level 4

Hi @JakeCham,

Not clear on your question but I think may be you're looking for 'Apache Sling Referrer Filter'

Jineet_Vora_0-1601466978919.png


Jineet

Jörg_Hoh
Employee
Employee

What settings are you looking for? There are a few settings which I would qualify as allow or deny lists.

JakeCham
Level 4
Level 4
i have got vulnerability issue report from one of my client.in there he has provided some links to verify that those links have been blocked properly in black list and white list configurations. i got this project in halfway through so i am looking from where it has been blocked
Jörg_Hoh
Employee
Employee

Hi,

 

you mention "blocking links", which makes me think of "blocking URLs". So do you want to block some URLs so they are not reachable from the public anymore? That would be a topic for using the dispatcher to block them.

Check https://docs.adobe.com/content/help/en/experience-manager-dispatcher/using/configuring/dispatcher-co... for the official documentation how you can allow or deny access to certain URLs.

Umesh_Thakur
Correct answer by
Community Advisor
Community Advisor

I think the settings you are looking for that does not comes by default with general server installation, so you are not able to find it in the configMgr.

Please click on the below links to get some info on it.

https://docs.adobe.com/content/help/en/experience-manager-65/administering/security/mitigating-seria...

hope this will help.

Regards

Umesh Thakur

View solution in original post