Jahia Technical URLs to block

  Written by The Jahia Team
 
Developers
Sysadmins
   Estimated reading time:
7.1.2.0
Provide a list a Jahia technical URLs needed to be blocked off access from outside client organization

Answer

url description
/start login page
/cms/login login page
/cms/admin/* administration
/administration administration
/welcome/adminmode administration
/cms/edit/* edit mode
/cms/contribute/* contribute mode
/cms/studio/* studio mode
/cms/dashboard/* dashboard
/tools/* admin tools for debugging (secured with basic HTTP authentication)
/modules/tools admin tools for debugging (secured with basic HTTP authentication)
/repository/* Webdav access to the repository
/server/* Webdav access to the repository
/engines/manager used to access content manager, portlet manager, document manager etc. Can be blocked
/errors/* this can be blocked, if they use own custom error jsps