Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Who Me Too'd this topic

vivianseba
Level 2
Level 2

Hi All,

As part of aem_hacker.py reports,requested us block the below access in our application.

bin/querybuilder.json.css
bin/querybuilder.feed.css
ibs/cq/security/userinfo.css
crx/de/index.jsp;%0aa.css


I have tried with the below deny rule in dispatcher.any file and it's not worked

 

  1. { /type "deny"  /url"/bin/querybuilder.feed.css" }
  2. { /type "deny"  /url"/bin/querybuilder.json.servlet;%0aa.css" }
  3. { /type "deny"  /url"/crx/de/index.jsp;%0aa.css" }
  4. { /type "deny" /path "/bin/querybuilder*" /selectors '(feed|servlet|json)' /extension '(css)'}
  5. { /type "deny" /url "*.userinfo.css"}
  6. { /type "deny" /url "/crx/*.css"
  7. { /type "deny" /path "/libs/*" }
  8. { /type "deny" /path "/bin/querybuilder*" }

Could you please suggest with solution to fix the hacker.py report issues ?

Who Me Too'd this topic