论坛

主页 » Liferay Portal » English » 3. Development

组合视图 统一视图 树状图
讨论主题 [ 上一个 | 下一个 ]
toggle
Kinshuk Gupta
Direct Access to Admin Pages Security Issue
2013年3月8日 上午1:00
答复

Kinshuk Gupta

等级: New Member

帖子: 10

加入日期: 2013年1月2日

最近的帖子

Hi,

Recently, we did a AppScan of our application built using liferay 6.1 GA1 version. Among number of issues reported is - direct access to Admin pages. The following Urls were identified :


1
2https://10.66.91.59:8443/c/
3https://10.66.91.59:8443/c/portal/logout
4https://10.66.91.59:8443/c/portal/admin/
5https://10.66.91.59:8443/c/portal/x2fweb/


Is there any way to secure these /c/ Urls in Liferay?

Thanks
David H Nebinger
RE: Direct Access to Admin Pages Security Issue
2013年3月8日 上午5:56
答复

David H Nebinger

等级: Liferay Legend

帖子: 6253

加入日期: 2006年9月1日

最近的帖子

The pages are open, but if you try to get there I think you'll find Liferay doesn't let you in...