How prevent or restrict the usage of ?.do back door to backend

AnttiP
Tera Contributor

‎04-05-2022 03:47 AM

Does anyone know how we could either prevent or at least restrict the usage of "?.do" back door to backend?

As you well know, many customer wants to restrict the end users = roleless users of going to backend. As there are some OOTB ways to automatically redirect (roleless) users from backend (nav_to.do) to portal, they do not get triggered when ?.do is used. Neither I have found a way to prevent the usage of this method for named or even all users. Any thoughts on this?

What I have tried is: I created an UI page with name '?' and tried creating various ACL rules for it. No effect.

I also created a Support ticket for this.

Labels:
  • 1,771 Views
11 REPLIES 11

Mark Roethof
Tera Patron
Tera Patron

‎04-05-2022 11:11 PM

Hi there,

You could have a look at the Public Pages [sys_public] and search for page you are after. Then deactivate that page.

If my answer helped you in any way, please then mark it as helpful.

Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP

---

LinkedIn
Community article, blog, video list

 

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls

AnttiP
Tera Contributor
In response to Mark Roethof

‎04-06-2022 12:31 AM

Hi Mark,

The problem is that there seems to be no page or any other record for "?.do" whatsoever.

BR,
AnttiP.

0 Helpfuls

mco
Tera Guru

‎12-08-2022 01:38 AM

Hi AnntiP,

 

Did you solved your issue ? we are facing to the same situation .

 

Thanks for your reply.

 

Kr,

 

Michaël

0 Helpfuls

AnttiP
Tera Contributor
In response to mco

‎12-27-2022 12:18 AM

Nope. Opened a case for SN Support. According to SN there is no way to prevent this. What a shame.

0 Helpfuls

Philippe Casidy
Tera Guru

‎12-27-2022 01:41 AM

Hi,

 

Is that property you are looking for?

glide.entry.loggedin.page_ess

It is in a note in

Specify a login landing page (servicenow.com)

 

We are using it and regret it. It makes difficult to do testing from this kind of user perspective and deactivating it permanently in testing environment would make wrong testing.

Make sure UI Actions and pages have roles, there is an instance check suite that will do multiple testing:

/scan_check_suite.do%3Fsys_id%3D833655cc1b94101046e87733cd4bcb4e

 

Please let me know how it works for you anyway.

Philippe

0 Helpfuls