Provide a list a Jahia technical URLs needed to be blocked off access from outside client organization
Answer
url |
description |
/start |
login page |
/cms/login |
login page |
/cms/admin/* |
administration |
/administration |
administration |
/welcome/adminmode |
administration |
/cms/edit/* |
edit mode |
/cms/contribute/* |
contribute mode |
/cms/studio/* |
studio mode |
/cms/dashboard/* |
dashboard |
/tools/* |
admin tools for debugging (secured with basic HTTP authentication) |
/modules/tools |
admin tools for debugging (secured with basic HTTP authentication) |
/repository/* |
Webdav access to the repository |
/server/* |
Webdav access to the repository |
/engines/manager |
used to access content manager, portlet manager, document manager etc. Can be blocked |
/errors/* |
this can be blocked, if they use own custom error jsps |