Skip to main content

Search This Blog

Rules of AEM

For AEM Learner's, Devops, Developers, Architects

Home
SECURITY
Dispacther
AEM-AWS
About us
Privacy policy
Desclimer

About us

We are individual blog contributer. Happy to share knowledge.

Get link
Facebook
Twitter
Pinterest
Email
Other Apps

Comments

Post a Comment

Popular Posts

How to Sync HMAC in AEM ?

Crypto Support in AEM (Syncing HMAC among AEM instances) AEM OOTB provides a feature where we can encrypt the secured and confidential data through OOTB AEM Crypto Support and store it in a code repository in the form of OSGi configuration. Crypto Support is based on keys (hmac and master files) which are unique for each AEM instance. Encrypted text generated for the same plain-text string on one AEM instance will be different from another instance. This can raise alarms in cases where we have the same OSGi configuration values shared among Author and Publish instances under the same topology. For e.g. /apps/project/config.prod/com.day.cq.db.dbservice.xml Here DB password for Default DB Service will be same across all Prod AEM instances. So, in order to make sure that the same encrypted value works on all Prod instances, we will have to sync hmac and master files among Prod Author and Publish instances. Vital Points to know before HMAC SYNC Sync of HMAC/keys will break the AEM SSL and

AdobeDispatcherHacks ".statfile"

AEM DISPATCHER STATFILE UNDERSTANDING & CACHE INVALIDATION:- AEM Developers, Infrastructure Engineers regularly come across a challenge on decoding the statfile and using it efficiently especially statfile becomes highly relevant in a multi-tenanted environment with different project teams controlling different sites. The article addresses in a simple way on how to understand the mechanisms of stat file and gives a detailed explanation of how it can be used in a multi-tenant environment model. The image for your reference as a quick overview of the data flow, before we take a deep dive. This article covers - 1 - When dispatcher serves the old version of the content. How to avoid it. 2- Cache invalidation mechanism. Assumption - If you are reading this article, I believe you would have a basic understanding of Dispatcher and it's configuration. Firstly let’s set the initial configuration for the cache invalidation section of the dis

how to clear dispatcher cache in aem ?

How to clear dispatcher cache in aem ? As you may know, the Dispatcher cache in Adobe Experience Manager (AEM) is used to improve the performance of your website by caching static resources and pages. However, sometimes you may need to clear the cache to ensure that the latest content and changes are displayed on your website. In this blog post, we'll show you how to clear the Dispatcher cache in AEM. This method will clear the entire Dispatcher cache, including all cached pages and resources. Keep in mind that clearing the cache may affect the performance of your website, as it may take some time to rebuild the cache. Clear Cache using the Dispatcher Flush Agent You can use the Dispatcher Flush Agent. Follow these steps: Log in to your AEM instance and navigate to http://localhost:4502/etc/replication/agents.author.html . Click on the "Dispatcher Flush" agent to open the agent's configuration page. Clic

How Does S3 works with AEM ?

How Does S3 works with AEM ? Accommodating a huge amount of assets in any content management platform is challenging. Adobe Experience Manager offers an integration with the Amazon S3 storage solution, allowing binary data for images, documents and videos to be stored in an S3 bucket. Amazon S3 is highly performant and offers nearly infinite storage capacity. When talking about terabyte storage, performance is everything. The choices made during the planning and architecting phase can literally make or break the performance of a CMS system and the websites running on it. Adobe Experience Manager offers a number of storage methods, each offering a different way of storing data. Each of these options has its strengths and weaknesses. In AEM storage the mechanisms are called Micro Kernels, or MK for short. In this article we will look at the AEM with S3 data store. For the detailed steps for S3 configuration you can refer - https://www.aemrules.com/2022/05/how-to-configure-s3-in-aem

Configure/Decoding AEM AuditLogs

AEM Developers, Infrastructure Engineers / Dev-ops teams working in the financial domain regularly come across a challenge for event auditing in AEM. This helps in identifying most of the activities happening in AEM. Audit logs are a very effective way to debug the content issue & to know what all is happening in your environment and by whom. This article addresses in a simple way on how to enable the audit logs, its different ways, and how to understand the audit logs. This article covers the following - How can we enable Audit logs in AEM. How can we read and understand the Audit logs/ tools to use it. Audit log on file system in crx-quickstart/logs folder. Audit logs for User creation / Modification. How can you archive/purge the audit logs. How can we enable Audit logs in AEM? By Default, the Audit logs are pre-configured in AEM, for a few basic operations of DAM and for all other operations of Pages and replications activity etc.. To ge

curl command AEM package filter addition creation

How to create AEM package via CURL Most of our dev ops and AEM developers face issue while automating the AEM package creation via Curl. I will explain the command and process for it. in AEM package creation is a 3 steps process. 1- AEM package creation 2 - Filter addition 3- Package build Let's see all these 3 steps in detail - AEM package creation it is simple step - curl -u admin:admin -X POST http://localhost:4502/crx/packmgr/service/.json/etc/packages/my_packages/testpackage?cmd=create \ -d packageName=testpackage \ -d groupName=my_packages Filter Addition This is a complex step where you need to be careful while adding the parameters. General command , in this " /content/my-site" is my package filter. You can also define the rule like exclude in exclude section. curl -u admin:admin -X POST http://localhost:4502/crx/packmgr/update.jsp \ -F path=/etc/packages/my_packages/testpackage.zip -F packageName=testpackage \ -F groupName=my_packages \ -F filter=&q

AEM ACL and how they are evaluated

ACL's and how they are evaluated ? AEM Developers, Infrastructure Engineers / Dev-ops teams working in any domain regularly come across a challenge for understanding the ACL & its evaluation mechanism. Adobe Experience Manager is designed to cater for content authoring of multiple sites by multiple content authors. Naturally, this process needs to be controlled by strict Access Control Lists (ACLs) to manage. AEM WCM uses Access Control Lists (ACLs) to organise the permissions being applied to the various pages. This article addresses in a simple way on how to understand the ACL's , its different ways, This article covers the following - How can we read and understand the ACL. Evaluation of user permissions. Concurrent Permission on ACL Access Control Lists are made up of the individual permissions and are used to determine the order in which these permissions are actually applied. The list is formed according to the hierarchy of the pages under consideration. How can w

AEM Security Headers

Added Security in AEM via Headers:- In design a robust architecture AEM Architects, Developers, Infrastructure Engineers regularly come across a challenge for adding the additional security in AEM. In this article, we will understand the key security headers which can be used in webserver and give an additional layer of security for your Publish server and content. I have used Apache webserver for all the examples. This article covers - 1 - X-XSS protection 2 - HTTP Strick Transport Security 3 - X-Frame Option 4 - Content Security 1- X-XSS Protection:- X-XSS-Protection header can prevent some level of XSS (cross-site-scripting ) attacks. Configure the x-xss-protection header to 1 in your apache httpd.conf file or Vhost file if you have for all domains as applicable. <IfModule mod_headers.c> <FilesMatch "\.(htm|html)$"> #Force XSS (should be on by default in most browsers anyway)

OakAccess0000: Access denied

ERROR :- OakAccess0000: Access denied We often observe while doing the AEM development or in live running environment we get the error code OakAccess0000 , while running a workflow or any asset upload. This impact the business as content author are unable to upload any content. Error stack trace :- Javax.jcr.AccessDeniedException: OakAccess0000: Access denied at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:232) [org.apache.jackrabbit.oak-api:1.10.6] at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:213) [org.apache.jackrabbit.oak-api:1.10.6] at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.newRepositoryException(SessionDelegate.java:669) [org.apache.jackrabbit.oak-jcr:1.10.6] at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.save(SessionDelegate.java:495) [org.apache.jackrabbit.oak-jcr:1.10.6] at org.apache.jackrabbit.oak.jcr.session.SessionImpl$8.per

How to Increase Apache Request Per Second ?

How to Increase Apache Request Per Second ? By default, Apache web server is configured to support 160 requests per second. As your website traffic increases, Apache will start dropping additional requests and this will spoil customer experience. Here’s how to increase Apache requests per second. 1. Install MPM module We need to install MPM Apache module to be able to increase Apache requests per second. You can use mpm_worker or mpm_event module for this, instead of mpm_prefork module which consumes a lot of memory. You can easily install MPM module in Apache with following command For CentOS7/RHEL7 : Adjust /etc/httpd/conf.modules.d/00-mpm.conf Comment the line LoadModule mpm_prefork_module modules/mod_mpm_prefork.so by adding # in front of it. Uncomment the line LoadModule mpm_worker_module modules/mod_mpm_worker.so by removing # in front of it. For Ubuntu/Debian : Use a2dismod / a2enmod to disable mpm_prefork and enable mpm_worker 2. Increase Max Connections in Apache Open MP

Powered by Blogger

aemrules

Contributors

Anuj Gangwar
admin

AEM Archive

May 20231
April 20232
March 20231
February 20234
May 20222
April 20227
March 20222
February 20221
January 20221
September 20211

June 20212
April 20212
April 20203

Show more Show less

Labels

AEM Security dispatcher apache Adobe Headers aws cache user .stat

CQ5 Crypto DDoS HMAC dispacther filter group httpd log s3 tools useraudit AEM as a cloud Service ALB ELB IP Invalidate LDAP OakAccess0000 StartServers X-FORWARDED-FOR access acl acs-commons audit auditlog author block bucket buid build certs change. checksum compaction content curl datastore debug delete directory docroot dos failure fds flush growth install load balancer logging maven modification mpm mvn oak otc package permission pom pre-warming purge replication reposetory repository root segment size ssl statfile storage tar ui update upgrade whitelisting

Show more Show less

Popular Posts

AdobeDispatcherHacks ".statfile"

AEM DISPATCHER STATFILE UNDERSTANDING & CACHE INVALIDATION:- AEM Developers, Infrastructure Engineers regularly come across a challenge on decoding the statfile and using it efficiently especially statfile becomes highly relevant in a multi-tenanted environment with different project teams controlling different sites. The article addresses in a simple way on how to understand the mechanisms of stat file and gives a detailed explanation of how it can be used in a multi-tenant environment model. The image for your reference as a quick overview of the data flow, before we take a deep dive. This article covers - 1 - When dispatcher serves the old version of the content. How to avoid it. 2- Cache invalidation mechanism. Assumption - If you are reading this article, I believe you would have a basic understanding of Dispatcher and it's configuration. Firstly let’s set the initial configuration for the cache invalidation section of the dis

how to clear dispatcher cache in aem ?

How to clear dispatcher cache in aem ? As you may know, the Dispatcher cache in Adobe Experience Manager (AEM) is used to improve the performance of your website by caching static resources and pages. However, sometimes you may need to clear the cache to ensure that the latest content and changes are displayed on your website. In this blog post, we'll show you how to clear the Dispatcher cache in AEM. This method will clear the entire Dispatcher cache, including all cached pages and resources. Keep in mind that clearing the cache may affect the performance of your website, as it may take some time to rebuild the cache. Clear Cache using the Dispatcher Flush Agent You can use the Dispatcher Flush Agent. Follow these steps: Log in to your AEM instance and navigate to http://localhost:4502/etc/replication/agents.author.html . Click on the "Dispatcher Flush" agent to open the agent's configuration page. Clic

curl command AEM package filter addition creation

How to create AEM package via CURL Most of our dev ops and AEM developers face issue while automating the AEM package creation via Curl. I will explain the command and process for it. in AEM package creation is a 3 steps process. 1- AEM package creation 2 - Filter addition 3- Package build Let's see all these 3 steps in detail - AEM package creation it is simple step - curl -u admin:admin -X POST http://localhost:4502/crx/packmgr/service/.json/etc/packages/my_packages/testpackage?cmd=create \ -d packageName=testpackage \ -d groupName=my_packages Filter Addition This is a complex step where you need to be careful while adding the parameters. General command , in this " /content/my-site" is my package filter. You can also define the rule like exclude in exclude section. curl -u admin:admin -X POST http://localhost:4502/crx/packmgr/update.jsp \ -F path=/etc/packages/my_packages/testpackage.zip -F packageName=testpackage \ -F groupName=my_packages \ -F filter=&q

OakAccess0000: Access denied

ERROR :- OakAccess0000: Access denied We often observe while doing the AEM development or in live running environment we get the error code OakAccess0000 , while running a workflow or any asset upload. This impact the business as content author are unable to upload any content. Error stack trace :- Javax.jcr.AccessDeniedException: OakAccess0000: Access denied at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:232) [org.apache.jackrabbit.oak-api:1.10.6] at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:213) [org.apache.jackrabbit.oak-api:1.10.6] at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.newRepositoryException(SessionDelegate.java:669) [org.apache.jackrabbit.oak-jcr:1.10.6] at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.save(SessionDelegate.java:495) [org.apache.jackrabbit.oak-jcr:1.10.6] at org.apache.jackrabbit.oak.jcr.session.SessionImpl$8.per

How Does S3 works with AEM ?

How Does S3 works with AEM ? Accommodating a huge amount of assets in any content management platform is challenging. Adobe Experience Manager offers an integration with the Amazon S3 storage solution, allowing binary data for images, documents and videos to be stored in an S3 bucket. Amazon S3 is highly performant and offers nearly infinite storage capacity. When talking about terabyte storage, performance is everything. The choices made during the planning and architecting phase can literally make or break the performance of a CMS system and the websites running on it. Adobe Experience Manager offers a number of storage methods, each offering a different way of storing data. Each of these options has its strengths and weaknesses. In AEM storage the mechanisms are called Micro Kernels, or MK for short. In this article we will look at the AEM with S3 data store. For the detailed steps for S3 configuration you can refer - https://www.aemrules.com/2022/05/how-to-configure-s3-in-aem

How Encrypt-Decrypt Data in AEM , Crypto Support ?

How to Use Crypto Support in AEM to Encrypt/Decrypt Data? While working with AEM, The AEM dev-ops / developer team sometimes have a requirements to call third-party APIs/Services. Configurations related to these APIs/Services like username, passwords, client id/secrets, API keys are usually stored in a code repository in the form of OSGi configuration. This sensitive information should be stored encrypted rather than plain-text format. This is possible through the OOTB AEM Crypto Support bundle. This bundle provides services for encrypting and decrypting the confidential/secured data through system-wide keys (hmac and master files). What are the Features of Crypto Support? Decryption happens at runtime. No one can decrypt the data through the UI. There’s no UI to decrypt the encrypted data. So, the information remains secure. What are hmac/master keys? Encryption/decryption happens through keys (hmac and master files). These keys get generated during the first startup of AEM instance

Configure/Decoding AEM AuditLogs

AEM Developers, Infrastructure Engineers / Dev-ops teams working in the financial domain regularly come across a challenge for event auditing in AEM. This helps in identifying most of the activities happening in AEM. Audit logs are a very effective way to debug the content issue & to know what all is happening in your environment and by whom. This article addresses in a simple way on how to enable the audit logs, its different ways, and how to understand the audit logs. This article covers the following - How can we enable Audit logs in AEM. How can we read and understand the Audit logs/ tools to use it. Audit log on file system in crx-quickstart/logs folder. Audit logs for User creation / Modification. How can you archive/purge the audit logs. How can we enable Audit logs in AEM? By Default, the Audit logs are pre-configured in AEM, for a few basic operations of DAM and for all other operations of Pages and replications activity etc.. To ge

How to Sync HMAC in AEM ?

Crypto Support in AEM (Syncing HMAC among AEM instances) AEM OOTB provides a feature where we can encrypt the secured and confidential data through OOTB AEM Crypto Support and store it in a code repository in the form of OSGi configuration. Crypto Support is based on keys (hmac and master files) which are unique for each AEM instance. Encrypted text generated for the same plain-text string on one AEM instance will be different from another instance. This can raise alarms in cases where we have the same OSGi configuration values shared among Author and Publish instances under the same topology. For e.g. /apps/project/config.prod/com.day.cq.db.dbservice.xml Here DB password for Default DB Service will be same across all Prod AEM instances. So, in order to make sure that the same encrypted value works on all Prod instances, we will have to sync hmac and master files among Prod Author and Publish instances. Vital Points to know before HMAC SYNC Sync of HMAC/keys will break the AEM SSL and

AEM ACL and how they are evaluated

ACL's and how they are evaluated ? AEM Developers, Infrastructure Engineers / Dev-ops teams working in any domain regularly come across a challenge for understanding the ACL & its evaluation mechanism. Adobe Experience Manager is designed to cater for content authoring of multiple sites by multiple content authors. Naturally, this process needs to be controlled by strict Access Control Lists (ACLs) to manage. AEM WCM uses Access Control Lists (ACLs) to organise the permissions being applied to the various pages. This article addresses in a simple way on how to understand the ACL's , its different ways, This article covers the following - How can we read and understand the ACL. Evaluation of user permissions. Concurrent Permission on ACL Access Control Lists are made up of the individual permissions and are used to determine the order in which these permissions are actually applied. The list is formed according to the hierarchy of the pages under consideration. How can w

How to Increase Apache Request Per Second ?

How to Increase Apache Request Per Second ? By default, Apache web server is configured to support 160 requests per second. As your website traffic increases, Apache will start dropping additional requests and this will spoil customer experience. Here’s how to increase Apache requests per second. 1. Install MPM module We need to install MPM Apache module to be able to increase Apache requests per second. You can use mpm_worker or mpm_event module for this, instead of mpm_prefork module which consumes a lot of memory. You can easily install MPM module in Apache with following command For CentOS7/RHEL7 : Adjust /etc/httpd/conf.modules.d/00-mpm.conf Comment the line LoadModule mpm_prefork_module modules/mod_mpm_prefork.so by adding # in front of it. Uncomment the line LoadModule mpm_worker_module modules/mod_mpm_worker.so by removing # in front of it. For Ubuntu/Debian : Use a2dismod / a2enmod to disable mpm_prefork and enable mpm_worker 2. Increase Max Connections in Apache Open MP

Total Pageviews

Report Abuse

Disclaimer

The information on this website is for general informational purposes only. AEM RULES makes no representation or warranty, express or implied. Your use of the site is solely at your own risk.