Expand my Community achievements bar.

SOLVED

Login Screen Visible to Web Crawlers (Google)

Avatar

Level 1
Level 1
6/5/19 6:32:52 AM

Hi,

Our site has been working fine for years - all anonymous access.  On google someone was able to see our login screen and the managers would like it to be not visible from our website.  Is there a way to block its visibility? 

Thanks,

Views

1.2K

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
6/5/19 6:49:28 AM

You can block the login page at dispatcher level with a rule like below:

/0011 { /type "deny" /url "libs/granite/core/content/login.html"  }

Ideally, you should be blocking "*" and only allow the URL's that are required to load the site.

View solution in original post

Views

881

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Correct answer by
Employee Advisor
Employee Advisor
6/5/19 6:49:28 AM

You can block the login page at dispatcher level with a rule like below:

/0011 { /type "deny" /url "libs/granite/core/content/login.html"  }

Ideally, you should be blocking "*" and only allow the URL's that are required to load the site.

Views

882

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 1
Level 1
6/5/19 12:39:05 PM

Thanks.  I tried adding

/0032 { /type "deny" /url "libs/granite/core/content/login.html"  }

/0033 { /type "deny" /url "libs/cq/core/content/login.html"  }

to the dispatcher.any files on my two servers, rebooted the servers, deleted the old files from the cache on the servers and from my local browser cache and tried the url again - but it still allowed me access.  (The url on google is the bottom one, which is why I added that as well). 

Perhaps I should add them higher up in the list of rules? 

Thanks again,

Connie

Views

941

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
6/5/19 12:58:21 PM

Yes, add all the deny rules first and then allow. If still not working, change the dispatcher log level to DEBUG and check the logs when you hit the URL. It should tell you which rule is being used to allow/deny the URL.

Views

853

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
6/5/19 1:01:48 PM

Thanks - I noticed that the other allows and denies started with / 

I changed the lines to

/0032 { /type "deny" /url "/libs/granite/core/content/login.html"  }

/0033 { /type "deny" /url "/libs/cq/core/content/login.html"  }

and that did the trick - the login page is giving a 404 now. 

Thanks for your help. 

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
I'm encountering an error when adding my component to a page and trying to view it in publish mode

Views

39

Likes

0

Replies

1
How to open page in universal editor

Views

48

Likes

0

Replies

2
Bhai Bt kr ni Ye hi Tu to do He Ne  0 He He said He He will do be

Views

57

Likes

0

Replies

1
Issue with OSGi Bundle in Installed State After Adding Apache PDFBox to bnd-baseline-maven-plugin

Views

160

Likes

0

Replies

10
Need to show featured image alone in list component

Views

75

Likes

0

Replies

4