12.7.2. Block sensitive Rest urls with Nginx

Warning

You are looking at documentation for an older release. Not what you want? See the current release documentation.

You can create redirection rules in several ways with nginx, this is one of the possibles :

...

      # Block login history for performance and security reasons
      location /rest/loginhistory/loginhistory/AllUsers { return 403; }
      location /rest/private/loginhistory/loginhistory/AllUsers { return 403; }

      # Block access to trash folder
      location /rest/jcr/repository/collaboration/Trash { return 403; }

      # Don't expose REST APIs listing (ITOP-2406)
      location ~ ^/rest/?$ { return 403; }
      location ~ ^/portal/rest/?$ { return 403; }

        ...
Copyright ©. All rights reserved. eXo Platform SAS
blog comments powered byDisqus