Alfresco hacks

Security best practices and tips

  • configure all ports beyond 1024
  • avoid default password (admin, db, jmx)
  • change default certificates and keys in SOLR
  • Set permission for configuration files, content store, indexing and logs
 chown -R alfresco:alfresco installRoot/
 chmod -R 600 installRoot



Switch off Tomcat application server


Mobile APP (url redirections)

Alfresco 4.x


The server is available through internal url : http://myalfresco:8080/alfresco
The server is available through external url :


create <tomcat>/shared/classes/META-INF/spring-webscripts-config-custom.xml containing

   <config evaluator="string-compare" condition="Server">

and make sure you have string “ shared.loader=${catalina.base}/shared/classes ” in file <tomcat>/conf/

alfresco.txt · Last modified: 2012/12/01 18:27 by a
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready