November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

Remove Edit/Admin mode

Daniel Badro
Daniel Badro
Vote:
 

I would like to know the best way to remove the edit/admin mode and not give the user an 403 but an 404.

The enterprise site has an editor machine that publishes out to front end servers.

For security reasons it is a bad design giving information away that we have something hidden with an 403 the user should get 404 instead.

#89002
Aug 05, 2014 16:29
Daniel Badro
Daniel Badro
Vote:
 

Ok found one simple solution that seems to be working.

Just remove the [webroot]/modules/_protected folder.

That gives 404 when trying to access the edit admin mode.

/D

#89003
Aug 05, 2014 16:58
Vote:
 

One option is to use IIS Rewrite with the following rule:

Also you might then want to disable the utilUrl too (~/util/)

No warranties on the solution other than that it returns the desired 404 response and no friendly 404 page ;)

#89011
Aug 05, 2014 18:19
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.