Hello. I hope you're fine!

Please, I'd like to know the correct way to block acess to the Integration Server Admin Page.

We're currently hosting our IS Services on port 1234 (as example) and we can also access the Admin Page through it.

However, our Head Department requested us to create the new port 5678 and block the Admin Page access on port 1234, leaving it only as "Services Port".

I've already managed to block the Admin Page access on port 1234. However, I'm not sure if I did it correctly:

1. In the Security > Ports > Edit Access Mode page, I set "Access Mode" as "Allow by Default".
2. In the Deny List, I've added all wm.server.ui:* services into it

Is the above enough to block access to the Admin Page? Or are there other steps to securely block this access?

Thank you in advance!

------------------------------
Renan Kaic Lopes
------------------------------

I better way to do this is to set the port 1234 to have an Access Mode of Deny by Default and then add only the services you want exposed. This is more secure and also ensures that you have granular control for services you want to expose.

Your approach will work but then any new services are automatically allowed. And you still have other admin services exposed which may not match the wm.server.ui:* pattern