Aem Publish - block access to a path

Question

Good morning,
 
on Publish machines without working on the Dispatchers is it possible to block access to a path both logged in and logged out? 
I would like to block the following paths:
 
- /crx/explorer/browser/index.jsp
- /crx/explorer/index.jsp
- /crx/explorer/ui/search.jsp
- /system/sling/info.sessionInfo.txt
- /crx/explorer/ui/namespace_editor.jsp
-/bin/wcm/search/gql.json?query=...
 
Thanks

Nitin_laad · Accepted Answer

Hi @robertol6836527 have you tried to block the given paths using the Apache Sling Referrer filter configuration?

example -

Go to the AEM publish instance's Felix Console (http://<publish-instance-host>:<port>/system/console/configMgr)
Search for "Apache Sling Referrer Filter"
Click on the "Apache Sling Referrer Filter" configuration
In the "Allowed Referrers" field, add the following value: -^(?!.*(crx/explorer/browser/index.jsp)).*$
Click on "Save"

Kevin_GTa · Answer

/crx/explorer is shipped with AEM as part of the jar so it's there is no Sling configuration associated with it. You may need to go to /system/console/bundles, search "Adobe Granite CRX Explorer" and stop the bundle. For other paths, you can go to /system/console/configMgr, search "Apache Sling Authentication Service", for instance, add "-/system/slinginfo.sessionInfo.txt" to the "Authentication Requirements" field, save it. That should be able to stop anonymous access to the path.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded