Hello!
I would like to security advice for running the Aerogear UnifiedPush Server
for sending Push messages to an iPhone app. The app-server is Wildfly, and
HTTPS is enabled. It is important to prevent unauthorized push messages
from being sent. Do you have any documentation or general advice for
securing Aerogear UnifiedPush Server?
I would like to setup firewall rules to prevent users on the internet to
log in to the UnifiedPush Admin gui /ag-push/ while still allowing
registration of iPhone app/device tokens though the same UnifiedPush Admin
server. What kind of URL pattern can I use to prevent admin logins
externally?
Regards,
Andreas R.