Blocking public access to the publisher’s default URL

Last update: 2024-01-18

Block public access to your production published URL via a workaround, by creating a vhost in the dispatcher to match your default domain https://publish-pxxxxx-eyyy.adobeaemcloud.com/ and deny access for all requests in the vhost.

Description

Environment

Adobe Experience Manager

Issue/Symptoms

If you want to block public access to your production published URL - https://publish-pxxxxx-eyyy.adobeaemcloud.com/, to ensure that it is accessible only via your custom domain name (www.example.com).

As per the custom domain name setup, the DNS record for ‘www.example.com’ contains a CNAME entry of https://publish-pxxxxx-eyyy.adobeaemcloud.com. They do not have a separate CDN and are using AEM’s Fastly CDN.

Resolution

In this scenario, you cannot block by a certain domain at the edge. The workaround is to create a vhost in the dispatcher to match your default domain https://publish-pxxxxx-eyyy.adobeaemcloud.com/ and deny access for all requests in the vhost.

However, the /systemready path should be allowed, because that is Adobe’s healthcheck.

Documentation link

For more information, visit the following link:

https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/dispatcher-domains.html

On this page