Best strategy to stop anonymous users from browsing server directory

282
2
10-15-2021 11:30 AM
Boyang_Wang
Occasional Contributor

I recently realized that if a user knows the REST URL of a service, the user can browse the server directory and access all other serviced that are shared to the public. Ideally I want the user to only access the service with the URL they know. For example, I want a user to be able to load Service A in their own maps, but I have Service B which I use for a public app, and I do not want the user to be able to load Service B in their own maps.

What is the best strategy to hide certain public services in the directory? For now I go to ArcGIS Server Administrator Directory and add "deprecated": "true" to each service's property. Does this actually block an anonymous user the access to these services? Is there a way to do this without going to Administrator Directory, or to do this in batch?

0 Kudos
2 Replies
JayantaPoddar
MVP Esteemed Contributor
Boyang_Wang
Occasional Contributor

This method does not prevent user from adding the server to ArcGIS Pro project and browsing the services.

0 Kudos