Enonic version: 6.4.2
OS: Mac and Linux
So I have made my self a service:
And I found the url for it using
So it’s seems the service is available on any page just by adding
to the url.
Now I don’t want to make the service publicly available to the internet.
The doc seems to suggest that it might not be the case by default:
For sites, you may only access the services of the apps that have been added to that site.
But if I visit the below url in my browser it works, even though I’m not logged in to admin:
Which seems to indicate to me the service will be available from the internet too, if I deploy to prod…
How should I go about protecting my service urls?