AEM dispatcher restricting content pages

0
votes

In AEM dipatcher we have two farms one for author and one for publish. On publish farm I wanted to restrict few of the content pages to be accessed by the direct requests.

For that we have a vhost and we want only that vhost to access the content pages. But before that I wanted to test how filters are going to work.

This is my filter config in dispatcher.any 

  /filter
         {
          # deny everything and allow specific entries
          /0001 {/type "allow" /glob "*"}
          /0002 {/type "deny" /glob "* content *"}
          }

tried 

  /0002 {/type "deny" /url "*/content*"}
        And also
  /0002 {/type "deny" /glob "*/content*"}

I can see the dispatcher is serving Cached Pages : Cache-action for requested pages is : DELIVER

Can some one please help how to address this issue. I can add more details.

2
aemhttpd.confdispatcher

2 Answers

0
votes

filters work fine with the format 

/filters
{ /0002 {/type "deny" /glob "* content *"} }

but the issue for me is cache. As cache at mnt/var/httpd/crx/content is caching the content pages the requests are being served with those cache pages.

work around is to have a different vhost which points to different farm, may be like /publish_deny_farm : and allow vhosts specific to that farm to point to a different cache root.

And one more layer of security we can include is filtering the requests at apache layer and forwarding the requests to the filtered specific vhost farms and so we can have even better control on filtering and denying traffic to certian paths of the content.

0
votes

Please try the following option

Deny everything, then allow the required URLs

/0001 { /type "deny"  /glob "*" }

/0029 { /type "allow" /glob "* /services*" }
/0031 { /type "allow" /glob "* /content/dam*" }
/0032 { /type "allow" /glob "* /etc/designs/*" }