Login Screen Visible to Web Crawlers (Google) | Community
Skip to main content
pipcat
pipcat
June 5, 2019
Solved

Login Screen Visible to Web Crawlers (Google)

  • June 5, 2019
  • 4 replies
  • 1530 views

Hi,

Our site has been working fine for years - all anonymous access.  On google someone was able to see our login screen and the managers would like it to be not visible from our website.  Is there a way to block its visibility? 

Thanks,

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by user05162

    You can block the login page at dispatcher level with a rule like below:

    /0011 { /type "deny" /url "libs/granite/core/content/login.html"  }

    Ideally, you should be blocking "*" and only allow the URL's that are required to load the site.

    4 replies

    U
    Adobe Employee
    user05162Adobe EmployeeAccepted solution
    Adobe Employee
    June 5, 2019

    You can block the login page at dispatcher level with a rule like below:

    /0011 { /type "deny" /url "libs/granite/core/content/login.html"  }

    Ideally, you should be blocking "*" and only allow the URL's that are required to load the site.

      pipcat
      pipcatAuthor
      June 5, 2019

      Thanks.  I tried adding

      /0032 { /type "deny" /url "libs/granite/core/content/login.html"  }

      /0033 { /type "deny" /url "libs/cq/core/content/login.html"  }

      to the dispatcher.any files on my two servers, rebooted the servers, deleted the old files from the cache on the servers and from my local browser cache and tried the url again - but it still allowed me access.  (The url on google is the bottom one, which is why I added that as well). 

      Perhaps I should add them higher up in the list of rules? 

      Thanks again,

      Connie

      U
      Adobe Employee
      user05162Adobe Employee
      Adobe Employee
      June 5, 2019

      Yes, add all the deny rules first and then allow. If still not working, change the dispatcher log level to DEBUG and check the logs when you hit the URL. It should tell you which rule is being used to allow/deny the URL.

      pipcat
      pipcatAuthor
      June 5, 2019

      Thanks - I noticed that the other allows and denies started with / 

      I changed the lines to

      /0032 { /type "deny" /url "/libs/granite/core/content/login.html"  }

      /0033 { /type "deny" /url "/libs/cq/core/content/login.html"  }

      and that did the trick - the login page is giving a 404 now. 

      Thanks for your help. 

      Terms & ConditionsAccessibility statement

      Loading footer...