Blocking public access to the publisher’s default URL


One customer wants o to block the public access to their production publish URL -, for it to be accessible only via their custom domain name (

As per the custom domain name setup, the DNS record for ‘’ contains a CNAME entry of ‘.

They do not have a separate CDN and are using AEMs’ Fastly CDN


In this scenario, you cannot block by a certain domain at the edge.
The workaround is to create a vhost in the Dispatcher to match your default domain and deny access for all requests in the vhost 1.

However, the /systemready path should be allowed because that is Adobe’s healthcheck.


On this page