Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

Can AEM cloud Envs be whitelisted by header value?

TB3dock
Level 7
Level 7

In the cloud manager, you set "IP allow lists" to stop random public viewing your non-production / in-development instances.   You set these lists to your office IPs and/or VPN IP.

 

However, this shotgun approach blocks essential tools, e.g. blazemeter, pagespeed insights, webpagetest, lighthouse etc.

 

In EPiServer DXP cloud env, you can whitelist headers (or useragent strings), so we used a header with a secret key to allow these tools to hit our non-prod envs.

 

How do we do this in AEM?

 

The AEM allow list is limited to 25 ips, and most of these services have hundreds of ips which change constantly.

 

 

1 Reply
asutosh_jena
Community Advisor
Community Advisor

HI @TB3dock 

 

This allowes an IP or IP CIDR block(s) separated by a comma. So you should be able to add a wide range of IP if you see the IPs are dynamic and changing very frequently.

 

Something like below:

158.128.0.0/16 which will allow more numbr of IPs.