Can AEM cloud Envs be whitelisted by header value? | Community
Skip to main content
T
TB3dock
Level 8
April 8, 2021
Question

Can AEM cloud Envs be whitelisted by header value?

  • April 8, 2021
  • 1 reply
  • 571 views

In the cloud manager, you set "IP allow lists" to stop random public viewing your non-production / in-development instances.   You set these lists to your office IPs and/or VPN IP.

 

However, this shotgun approach blocks essential tools, e.g. blazemeter, pagespeed insights, webpagetest, lighthouse etc.

 

In EPiServer DXP cloud env, you can whitelist headers (or useragent strings), so we used a header with a secret key to allow these tools to hit our non-prod envs.

 

How do we do this in AEM?

 

The AEM allow list is limited to 25 ips, and most of these services have hundreds of ips which change constantly.

 

 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

Asutosh_Jena_
Community Advisor
Asutosh_Jena_Community Advisor
Community Advisor
April 8, 2021

HI @tb3dock 

 

This allowes an IP or IP CIDR block(s) separated by a comma. So you should be able to add a wide range of IP if you see the IPs are dynamic and changing very frequently.

 

Something like below:

158.128.0.0/16 which will allow more numbr of IPs.

    Terms & ConditionsAccessibility statement

    Loading footer...