[dspace-tech] Re: SOLR vulnerabilities in v6 (and v5!)?

As long as you are not exposing the DSpace SOLR to the public web interface, the scope of this issue is limited. You should however at least take the upgrade to DSpace 6.4. Edmund On Thursday, April 11, 2024 at 9:52:16 PM UTC+10 Michael White wrote: > Hi, > > > > We have 2 DSpace

[dspace-tech] Re: Assistance with Retroactive Collection Policies in DSpace

Unfortunately, bulk policy management did not make it into DSpace until the 7.6 release. This function allows you to retrospectively change the policy on all items and /or bitstreams ( a standard feature of DSpace 6). ./dspace/bulk-access-control -h usage: bulk-access-control -e,--eperson

Re: [dspace-tech] High CPU usage in DSpace 7.6 leading to server issues, lots of errors/examples (crossposted from Slack)

approach. Edmund Balnaves Prosentient Systems On Tuesday, March 5, 2024 at 10:22:23 PM UTC+11 Majo wrote: > Hello Carolyn Sullivan. > > I would like to offer a few points I noticed. I was responsible for > deploying > one instance of DSpace and I am quite familiar with problem

[dspace-tech] Re: Dspace 7.5 performace

I don't know how your proxy is wired up, but I got a benefit from binding the external host name in /etc/hosts to the internal IP - that kept a lot API traffic from hitting the external interface. The home page generates a lot of API calls. On my server the ratio is 1 page : 10 API calls

[dspace-tech] Re: DSpace 7 on production - poor performance

e (and impressive) migration that has been completed from DSpace 6. The new version is a very fresh and nice design, and the new API is nice. Edmund Balnaves Prosentient Systems On Tuesday, June 27, 2023 at 5:57:38 AM UTC+10 Karol wrote: > Hi, > > I have implemented dspace7 in productio

[dspace-tech] Filter search failes in DSpace 7.5 Author and Subject browse.

We have implemented a server with DSpace 7.5 api & angular interface. The browse menu filter function was not working with DSpace 7.5 (but works ok in earlier versions). To reproduce: -Use the All communities author or subject browse. -Use the browse within to search within the author/subject

Re: [dspace-tech] Is it possible rsync an assetstore between current and new servers

and of course you must keep the database in sync with the assets: copy and upgrade the dspace 5 prod database. Edmund On Friday, May 19, 2023 at 4:18:59 PM UTC+10 Sean Carte wrote: > For what it's worth, that's exactly what I would do. > > Sean > > On Thu, 18 May 2023 at 18:08,

[dspace-tech] Re: local.cfg not loading after a change

It looks like your angular config settings may be incorrect - the angular is calling the api server on port 8080. Edmund On Tuesday, May 16, 2023 at 9:20:02 PM UTC+10 Manuel Congosto wrote: > Hello! > > So I finally have the backend and the front end running on SSL, however I > am getting the

[dspace-tech] Re: Bulk download of filtered items (PDF)

That's not a feature in DSpace. It requires UI customization to achieve this to create a "cart" and download. On Thursday, February 23, 2023 at 7:55:11 AM UTC+11 Benneth wrote: > Please, in Dspace 5, how can you download bulk PDFs from a filtered > search result ie after the search are

Re: [dspace-tech] High traffic / DDoS / fail2ban

to invalid and maliciously crafted urls. Edmund Balnaves Prosentient Systems https://www.prosentient.com.au On Friday, January 20, 2023 at 12:27:24 AM UTC+11 Mark H. Wood wrote: > On Thu, Jan 19, 2023 at 11:50:03AM +0100, Florian Wille wrote: > > my DSpace (6.3) Site usually gets aro

[dspace-tech] Re: CORS errors using NGINX Reverse Proxy

You will need to implement https unless you are running in a local network On Friday, November 18, 2022 at 10:37:16 PM UTC+11 mcasals...@gmail.com wrote: > Right now I'm using http, haven't tried https yet. So I don't think it > will be the case. > > Thanks for commenting > > El dia dijous, 17

[dspace-tech] Re: CORS errors using NGINX Reverse Proxy

As with apache as a reverse proxy, you will probably find that you need to set the X-Forwarded_Proto to preserve the inbound https in the responses. In our apache reverse proxy we use RequestHeader set X-Forwarded-Proto https I believe the following will help with nginx proxy_set_header

[dspace-tech] Re: handle server quits after ubuntu upgrade

The compiled handle.jar file is available at https://release.prosentient.com.au/handle62/handle.jar.gz It can be used to replace the handle-6.2.jar reference in the dspace 6.4 build or copied directly to the target directly to the target directories - particularly of course lib

[dspace-tech] Re: handle server quits after ubuntu upgrade

This is a problem with the latest release of java (openjdk version "1.8.0_352"). It has now removed the deprecated class runFinalizersOnExit This class is used by the embedded handle.net jar classes to provide the resolver functions for the handle server. This is distributed via the maven

[dspace-tech] Re: Apache Commons Text vulnerability

The vulnerability centres on use of the StringSubstitutor from an unfiltered input. It looks from the source that the function is used for substitutions derived from dspace configuration files. On an initial review, as long as these config files are well-governed dspace7 should be safe in the