Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

How to Block http://localhost:4502/.json ?

Avatar

Level 1

Hello All,

What rule to apply on dispatcher to block 

http://localhost:4502/.json ??

Thanks,

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

@ShivaMn - There is a general default filter rule for denying json extension requests as below -

# Deny content grabbing for greedy queries and prevent un-intended self DOS attacks
/0017 { /type "deny" /selectors '(feed|rss|pages|languages|blueprint|infinity|tidy|sysview|docview|query|[0-9-]+|jcr:content)' /extension '(json|xml|html|feed)' }

But these rules are valid on Dispatcher and not Author instance (4502).
You can refer below URL for Dispatcher Filter rules -
https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/dispatcher-c...

View solution in original post

2 Replies

Avatar

Correct answer by
Community Advisor

@ShivaMn - There is a general default filter rule for denying json extension requests as below -

# Deny content grabbing for greedy queries and prevent un-intended self DOS attacks
/0017 { /type "deny" /selectors '(feed|rss|pages|languages|blueprint|infinity|tidy|sysview|docview|query|[0-9-]+|jcr:content)' /extension '(json|xml|html|feed)' }

But these rules are valid on Dispatcher and not Author instance (4502).
You can refer below URL for Dispatcher Filter rules -
https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/dispatcher-c...

Avatar

Employee Advisor

Hi,

 

To block requests for URLs ending with ".json" on the Dispatcher, add the following rule in the dispatcher.any file:

 

/ {
/type "deny"
/url "*.json"
}

 

Restart the Dispatcher service for the changes to take effect.