Expand my Community achievements bar.

SOLVED

Cloud AEM: is there a way to block access to some content by IP, without hacking the dispatcher configs?

Avatar

Level 9

WE can block access to the entire site using AEM Cloud Managers IP whitelisting feature.

 

The business wants to hide only specific directories of content.

 

We can do this via dispatcher config, but this requires a release cycle (which is 2-4 weeks), so if they want to add/remove an IP, or protect a new folder, its a long wait.

 

Is there any in built way to do something like this in AEM cloud?

 

We could create a servlet filter for all pages, create a settings page that allows content editors to administer the IPs and folders list, then the servlet checks this for every request which comes in, but we are worried this will affect performance.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @TB3dock 

 

Not sure what you meant by "specific directories of content" .If you are looking to restrict the access to the assets, you can try CUG here

 

https://experienceleague.adobe.com/docs/experience-manager-learn/assets/advanced/closed-user-groups....

 

Hope this helps!

 

Thanks,

Kiran Vedantam.

View solution in original post

4 Replies

Avatar

Correct answer by
Community Advisor

Hi @TB3dock 

 

Not sure what you meant by "specific directories of content" .If you are looking to restrict the access to the assets, you can try CUG here

 

https://experienceleague.adobe.com/docs/experience-manager-learn/assets/advanced/closed-user-groups....

 

Hope this helps!

 

Thanks,

Kiran Vedantam.

Avatar

Level 9

Thanks for the reply. By content I mean pages (specifically a subdirectory of pages), not assets, unfortunately.

Avatar

Level 1

I am very sad to see what you are experiencing.
Hacking sometimes does harm other people. I can't help you much, because I only know about Cara Hack IG. Which my friend once used to hack Instagram accounts.
But I've heard stories from my friend's experience that it can be overcome in many ways.
One of them uses the Forgot Password method. Or maybe answer the Security Question as well. Also Two Factor Authentication.