Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Dispatcher Filters

Avatar

Level 5
Level 5
10/7/18 10:55:58 PM

Hi Team,

Instead of white listing whole /content/* in filter rule 1 in dispatcher.any.

many unmapped requests like /content/xyz/example/https://example.com can still land on publisher.

Is there any way to block any unmapped requests like /content/xyz/example/https://example.com.

Thanks,

Viki

Views

1.4K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/8/18 12:12:29 AM

HI Viki,

Absolutely, as you keep maintaining the application you see what visitors are trying to achieve. The more they try, the better your analysis is. The better results you achieve.

You can use standard Apache rewrite rules to kick out any unwanted visitors, here I'm showing forbidden.
RewriteRule ^content/xyz/example/[^/]+/https://example.com$ - [F]

Or it can come up as a more complicated rule that attempt to block all the cases:

RewriteRule ^content/xyz/example/[^/]+(?!mailto:)(?:(?:http|https|ftp)://)(?:\\S+(?::\\S*)?@)?(?:(?:(?:[1-9]\\d?|1\\d\\d|2[01]\\d|22[0-3])(?:\\.(?:1?\\d{1,2}|2[0-4]\\d|25[0-5])){2}(?:\\.(?:[0-9]\\d?|1\\d\\d|2[0-4]\\d|25[0-4]))|(?:(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)*(?:\\.(?:[a-z\\u00a1-\\uffff]{2,})))|localhost)(?::\\d{2,5})?(?:(/|\\?|#)[^\\s]*)?$ - [F]

However, no matter how hard you try the user will still win and unwanted requests will reach Publisher, if someone really tries.

Regards,

Peter

View solution in original post

Views

1.1K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
10/8/18 12:12:29 AM

HI Viki,

Absolutely, as you keep maintaining the application you see what visitors are trying to achieve. The more they try, the better your analysis is. The better results you achieve.

You can use standard Apache rewrite rules to kick out any unwanted visitors, here I'm showing forbidden.
RewriteRule ^content/xyz/example/[^/]+/https://example.com$ - [F]

Or it can come up as a more complicated rule that attempt to block all the cases:

RewriteRule ^content/xyz/example/[^/]+(?!mailto:)(?:(?:http|https|ftp)://)(?:\\S+(?::\\S*)?@)?(?:(?:(?:[1-9]\\d?|1\\d\\d|2[01]\\d|22[0-3])(?:\\.(?:1?\\d{1,2}|2[0-4]\\d|25[0-5])){2}(?:\\.(?:[0-9]\\d?|1\\d\\d|2[0-4]\\d|25[0-4]))|(?:(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9]+-?)*[a-z\\u00a1-\\uffff0-9]+)*(?:\\.(?:[a-z\\u00a1-\\uffff]{2,})))|localhost)(?::\\d{2,5})?(?:(/|\\?|#)[^\\s]*)?$ - [F]

However, no matter how hard you try the user will still win and unwanted requests will reach Publisher, if someone really tries.

Regards,

Peter

Views

1.1K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Community Advisor
Community Advisor
10/8/18 12:22:13 AM

Agree wit Peter

more info at Redirecting and Remapping with mod_rewrite - Apache HTTP Server Version 2.4  about Apache HTTPS redirects



Arun Patidar

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Pipeline-free URL Redirects is not working in AEM Cloud Dispatcher Solved

Views

149

Likes

0

Replies

5
I have 2 filters and they are running in the wrong order Solved

Views

161

Likes

0

Replies

3
Redirect the url https://tooB.com.br and https://tooBB.com to https://tooA.com (vhost and dispatcher ?) Solved

Views

205

Likes

0

Replies

8
Recommendation on Dispatcher Cache Configuration: TTL vs Flush Solved

Views

210

Likes

0

Replies

3
how to implement nonce for Content-Security-Policy script-src directive in dispatcher

Views

92

Likes

0

Replies

2