A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More.
AI OnAI Off
CMS12: Disallow access to CMS UI and Util on front servers (prem) for real.
Hi Jonas,
If you want to prevent to access login, edit mode, admin mode completely then I suggest you other simple solution as following:
var publicFront = configuration.GetValue<bool?>("PublicFront");
if (publicFront.GetValueOrDefault(true))
{
app.Use(async (context, requestDelegate) =>
{
if (context.Request.Path.StartsWithSegments("/util", StringComparison.OrdinalIgnoreCase)
|| context.Request.Path.StartsWithSegments("/episerver", StringComparison.OrdinalIgnoreCase))
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
await context.Response.WriteAsync("Forbidden: Access Denied");
return;
}
await requestDelegate(context);
});
}
Oct 09, 2024 10:59
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
Hi.
Having followed the instructions on https://docs.developers.optimizely.com/content-management-system/docs/decoupled-setup I still have some issues.
Could I remove the login all together?