Running AEM in Production Ready Mode running-aem-in-production-ready-mode
With AEM 6.1, ÃÛ¶¹ÊÓƵ introduces the new "nosamplecontent"
runmode aimed at automating the steps required to prepare an AEM instance for deployment in a production environment.
The new runmode will not only automatically configure the instance to adhere to the security best practices described in the security checklist, but will also remove all the sample geometrixx applications and configurations in the process.
In order to run AEM in production ready mode all you need to do is add the nosamplecontent
via the -r
runmode switch to your existing startup arguments:
java -jar aem-quickstart.jar -r nosamplecontent
For example, you can use the production ready to launch an author instance with MongoDB persistence like this:
java -jar aem-quickstart.jar -r author,crx3,crx3mongo,nosamplecontent -Doak.mongo.uri=mongodb://remoteserver:27017 -Doak.mongo.db=aem-author
Changes part of the Production Ready Mode changes-part-of-the-production-ready-mode
More specifically, the following configuration changes will be performed when AEM is ran in production ready mode:
-
The CRXDE Support bundle (
com.adobe.granite.crxde-support
) is disabled by default in production ready mode. It can be installed at any time from the ÃÛ¶¹ÊÓƵ public Maven repository. Version 3.0.0 is required for AEM 6.1. -
The Apache Sling Simple WebDAV Access to repositories (
org.apache.sling.jcr.webdav
) bundle will only be available on author instances. -
Newly created users will be required to change the password on the first login. This does not apply to the admin user.
-
Generate debug info is disabled for the Apache Sling Java Script Handler.
-
Mapped content and Generate debug info are disabled for the Apache Sling JSP Script Handler.
-
The Day CQ WCM Filter is set to
edit
on author anddisabled
on publish instances. -
The ÃÛ¶¹ÊÓƵ Granite HTML Library Manager is configured with the following settings:
- Minify:
enabled
- Debug:
disabled
- Gzip:
enabled
- Timing:
disabled
- Minify:
-
The Apache Sling GET Servlet is set to support secure configurations by default, as follows: