How to stop user access to AEM instance directly? | Community
Skip to main content
R
ramgopalm545617
New Participant
April 13, 2018
Solved

How to stop user access to AEM instance directly?

  • April 13, 2018
  • 11 replies
  • 2679 views

Hi,

Is there a way to stop AEM instance directly using AEM server IP and the port on which the instance is started?

is there an AEM configuration which could help us stop user's access AEm directly on the server port?

Regards,

Ramgopal.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Kunwarsaluja

yes I see it’s single valued so you need to restrict that on the network layer to complete this task

In AWS hosted environment, you should be able to create policies to restrict this easily

11 replies

K
KunwarsalujaAccepted solution
Employee
April 25, 2018

yes I see it’s single valued so you need to restrict that on the network layer to complete this task

In AWS hosted environment, you should be able to create policies to restrict this easily

R
ramgopalm545617Author
New Participant
April 16, 2018

Hi Kunwar,

Jetty is not a multi field config, even if we whitelist the IP, we are still not able to access the server.

We had to revert it through launchpad configurations back to the hostname and then only we are able to retrieve the server.

please let us know if there is any other possibility.

Regards,

Ramgopal.

R
ramgopalm545617Author
New Participant
April 16, 2018

Hi Kunwar,

I wanted to test the configurations suggested by you, I have updated it to an IP address which is not my system IP and once i changed the Ip address in the jetty configurations, the server went unavailable.

we use VM ware and i'm not sure how to find the IP address in the entire company to revert the change, is there a way we can revert this configuration with out logging into AEM. (something from crx-quick start)

Regards,

Ramgopal.

K
Kunwarsaluja
Employee
April 14, 2018

Yes should be fine given we whitelist the ip of monitoring tools in this config

R
ramgopalm545617Author
New Participant
April 14, 2018

Hi Kunwar,

Thanks for your reply, in my previous project we had issues with monitoring tools accessing the server, so we had to revert to 0.0.0.0.

If we whitelist the monitoring server IP, will it fix the issue?

Regards,

Ramgopal.

K
Kunwarsaluja
Employee
April 14, 2018

You can set the Jetty config in Felix console which allows to accept connections from specific IP addresses only.

By default it is set to 0.0.0.0 which means accept all  and you can adjust the list per your need. I think it is a multivalued property

Hope this helps.

smacdonald2008
smacdonald2008
New Participant
April 13, 2018

AEM does not have a configuration settings that acts as a network whitelist/blacklist.

R
ramgopalm545617Author
New Participant
April 13, 2018

Hi Donald,

Have you heard of this requirement before and do you know if anyone has ever implemented this scenario?

We want to be more precise about this implementation because we fear that it might block any services in future.

Regards,

Ramgopal

smacdonald2008
smacdonald2008
New Participant
April 13, 2018

This is not really an AEM issue but a network/server issue. You can setup your network to block people from accessing the server that is hosting AEM.

R
ramgopalm545617Author
New Participant
April 13, 2018

Hi Donald,

It's not access to login into AEM.

For example if my hostname is asdfg01 and my server is started on port 4502, in general we can access the server by accessing asdfg01:4502.

We are trying to restrict people who know the server name/IP and the port, so is there a way at all to achieve this?

If so how can we achieve it?

Show more replies
Terms & ConditionsAccessibility statement

Loading footer...