Just restrict access to .magnolia on the public instances. We use Apache as a reverse proxy for out Tomcat intances, and .magnolia is forbidden through Apache.
RewriteEngine On RewriteRule ^/\.magnolia - [forbidden] The Tomcat port is open to traffic from the author instance as well as intranet. Rakesh On 05/10/2011 08:48, "Magnolia Forums (on behalf of Jean-Francois Nadeau)" <[email protected]> wrote: > >I'm new to Magnolia. Can anyone point me to what should be done to make >sure no one uninvited is able the publish content to our MagnoliaPublic >instances. > >For now my idea is to restrict access to the public instance on the >application port only to the authoring machine and to the Apache web >server. But outside hackers will still be able to publish on our server. > >Is there a url that is only used for publishing that must be protected >from outside ? What should be done ? > > >thank you > >-- >Context is everything: >http://forum.magnolia-cms.com/forum/thread.html?threadId=4b7e612a-3b96-40b >8-aa83-04411deab775 > > >---------------------------------------------------------------- >For list details see >http://www.magnolia-cms.com/community/mailing-lists.html >To unsubscribe, E-mail to: <[email protected]> >---------------------------------------------------------------- > ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
