Block access to CRX/CRXDE Lite

Shaheena_ACC

17-08-2020

i need to block user access to CRX or CRXDE Lite. My group has inherited permission from OOTB Contributors and I have denied access to these paths as well:

/libs/crx

/libs/cq/core/content/nav/tools/general/crxdelite 

/libs/granite/core/content/nav/operations/crxdelite 

/libs/cq/core/content/welcome/features/crxdeThese helps to hide all the buttons from the instance, but, if I directly hit the CRX URL, i will be able to read the content in it, though i cant create/delete/modify. I am using AEM 6.5.5 without dispatcher.

Answers (2)

Answers (2)

vanegi

Employee

17-08-2020

If you have a Dispatcher configured in front of your CQ instance, you can block access to CRX and CRXDE Light using the following filter rule in you dispatcher configuration (dispatcher.any)

/ruleLabel{/glob "* /crx*"/type "deny"}

 

To control what features/links are displayed to the users on the welcome screen in authoring mode modify permissions for nodes under /libs/cq/core/content/welcome/features.