Expand my Community achievements bar.

Suggestion to block children and home endpoints in AEM

Avatar

Level 2
Level 2
12/1/25 12:47:12 AM

Hi Team,

 

We received a vulnerabilities ticket, mentioning to block children,childrenlist and home.json endpoints. 

 

Whenever we are hitting www.abc.com/content/*/*/*.children.json , we are able to see json files loading. so we added the deny rule in publish.ehs.any file

 

/0012 {
/url "/childrenlist.json"
/type "deny"
}
/0013 {
/url "/children.json"
/type "deny"
}

 

but still the json files are loading . so It will be helpful if we get any suggestions to block the endpoints. 

 

Regards,

Anusha
 

Views

30

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Reply

Avatar

Level 2
Level 2
12/1/25 7:09:24 AM

Hi @AnushaAt 

 

Add the filter condition like blow in you dispatcher filter.any file.

 

{ /type "deny" /suffix '(.*infinity.*|.*children.*|.*tidy.*)' }

 

Views

8

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Extend/intercept Asset create/delete in new Assets UI Solved

Views

125

Likes

0

Replies

2
Hide all DAM information from newly logged-in users

Views

55

Likes

0

Replies

1
How to export and install content with version history

Views

69

Likes

0

Replies

0
Issue while including OOTB Teaser component in custom component with HTL tag "data-sly-resource"

Views

73

Likes

0

Replies

0
Best Approach for Migrating 50+ Multiregional Websites from Umbraco to AEM (Headless vs Server-Side)

Views

162

Likes

0

Replies

2