cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Remove web access for extensions in hybris

Go to solution
Former Member

on ‎2018 Jun 04 10:17 AM

0 Kudos
1,480

Few extensions created are unexpectedly behaving as web extensions.This is a possible security issue . We are only expecting ..storefront extension to be a web extension. Could you please give suggestions.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
View Entire Topic
Marko_salonen
Contributor
‎2018 Jun 04 10:41 AM
0 Kudos

Just to clarify that you should not disable the ones that behave as web extensions because these ussually need to be ones. For example cockpits, backoffice and so on. What you should do instead is: Disable those extensions that are not needed for customers in localextensions.xm for each customer frontend node. Restrict access for all none frontend web extensions in the loadbalancer.

You can find all web roots in hac.

Show replies
Show replies
Ask a Question
Top Q&A Solution Author
View all