Hi,
Is there a way to stop AEM instance directly using AEM server IP and the port on which the instance is started?
is there an AEM configuration which could help us stop user's access AEm directly on the server port?
Regards,
Ramgopal.
Solved! Go to Solution.
Views
Replies
Total Likes
yes I see it’s single valued so you need to restrict that on the network layer to complete this task
In AWS hosted environment, you should be able to create policies to restrict this easily
Views
Replies
Total Likes
Strange request - an Admin should be in charge of who can and cannot access AEM.
Views
Replies
Total Likes
Hi Donald,
It's not access to login into AEM.
For example if my hostname is asdfg01 and my server is started on port 4502, in general we can access the server by accessing asdfg01:4502.
We are trying to restrict people who know the server name/IP and the port, so is there a way at all to achieve this?
If so how can we achieve it?
Views
Replies
Total Likes
This is not really an AEM issue but a network/server issue. You can setup your network to block people from accessing the server that is hosting AEM.
Views
Replies
Total Likes
Hi Donald,
Have you heard of this requirement before and do you know if anyone has ever implemented this scenario?
We want to be more precise about this implementation because we fear that it might block any services in future.
Regards,
Ramgopal
Views
Replies
Total Likes
AEM does not have a configuration settings that acts as a network whitelist/blacklist.
Views
Replies
Total Likes
You can set the Jetty config in Felix console which allows to accept connections from specific IP addresses only.
By default it is set to 0.0.0.0 which means accept all and you can adjust the list per your need. I think it is a multivalued property
Hope this helps.
Views
Replies
Total Likes
Hi Kunwar,
Thanks for your reply, in my previous project we had issues with monitoring tools accessing the server, so we had to revert to 0.0.0.0.
If we whitelist the monitoring server IP, will it fix the issue?
Regards,
Ramgopal.
Views
Replies
Total Likes
Yes should be fine given we whitelist the ip of monitoring tools in this config
Views
Replies
Total Likes
Hi Kunwar,
I wanted to test the configurations suggested by you, I have updated it to an IP address which is not my system IP and once i changed the Ip address in the jetty configurations, the server went unavailable.
we use VM ware and i'm not sure how to find the IP address in the entire company to revert the change, is there a way we can revert this configuration with out logging into AEM. (something from crx-quick start)
Regards,
Ramgopal.
Views
Replies
Total Likes
Hi Kunwar,
Jetty is not a multi field config, even if we whitelist the IP, we are still not able to access the server.
We had to revert it through launchpad configurations back to the hostname and then only we are able to retrieve the server.
please let us know if there is any other possibility.
Regards,
Ramgopal.
Views
Replies
Total Likes
yes I see it’s single valued so you need to restrict that on the network layer to complete this task
In AWS hosted environment, you should be able to create policies to restrict this easily
Views
Replies
Total Likes
Views
Likes
Replies